82fe69e5b2874c5afe6fab21c1835e264bfb5faae09c4292394364ca5c6a5dbb

Sharing

Copy URL

Twitter E-mail

General

Target

82fe69e5b2874c5afe6fab21c1835e264bfb5faae09c4292394364ca5c6a5dbb
Size

848KB
MD5

0f8d67e7e9d0b540e615d3d9ce06ed1f
SHA1

6b23633dd8a1a2d3fcfbd513d0e725f3f709a94b
SHA256

82fe69e5b2874c5afe6fab21c1835e264bfb5faae09c4292394364ca5c6a5dbb
SHA512

c1ef5a21fbeb57d0fbd5c27e4e329ad8d025a194172f22c7a5e67fd04b96cd955d280c99870728f7faf6bbc09888f0ff476997c833ba3e0225856c94da7b84fe
SSDEEP

24576:DaC5qz1Y/fRE+NPINVoU86hgIx7Adhx5uzd6nQTR:+Csz1YnWPGkbmL4d/

Score

N/A

Malware Config

Signatures

Files

82fe69e5b2874c5afe6fab21c1835e264bfb5faae09c4292394364ca5c6a5dbb
.exe windows x86

9b241d123e79a7349814645a33c2c12b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtSetEaFile
NtRemoveProcessDebug
LdrSetAppCompatDllRedirectionCallback
RtlImageRvaToVa
ZwSetLdtEntries
ZwGetContextThread
RtlEqualString
NtDeviceIoControlFile
RtlAddVectoredExceptionHandler
_alldvrm
ZwOpenJobObject
NtSetIntervalProfile
ZwSetInformationJobObject
RtlQueryTagHeap
NtQueryDirectoryFile
ZwOpenKey

msvcrt

_cgetws
_ftime
_execvpe
__badioinfo
_fgetchar
_wcsncoll
_open_osfhandle
_fcvt
div
_mbstrlen
_resetstkoflw
_isctype
__p__environ
vwprintf
_findfirst64

kernel32

GetSystemTimeAsFileTime
FatalAppExitA
PrivCopyFileExW
SetTapeParameters
GetConsoleWindow
GetConsoleAliasExesA
SetHandleInformation
InitializeCriticalSection
FreeEnvironmentStringsA
GetModuleHandleW
WritePrivateProfileStructW
EnumTimeFormatsW
CopyFileExA
LoadLibraryA
Heap32ListFirst
GetTickCount
GetExitCodeThread
TlsFree
CreateIoCompletionPort
SetEnvironmentVariableW
VirtualAlloc
GetLastError
PeekNamedPipe
IsDebuggerPresent
RestoreLastError
DeleteCriticalSection

advapi32

SystemFunction026
SetNamedSecurityInfoW
UpdateTraceA
ElfReadEventLogW
ObjectOpenAuditAlarmA
CredReadDomainCredentialsA
SetPrivateObjectSecurity
LsaLookupSids
MakeSelfRelativeSD
LookupPrivilegeNameW
WmiReceiveNotificationsW
LsaQueryTrustedDomainInfo
InitializeSid
WriteEncryptedFileRaw
CryptGetDefaultProviderW

user32

EndDialog

Sections

.text
Size: 725KB - Virtual size: 724KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b241d123e79a7349814645a33c2c12b

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

msvcrt

kernel32

advapi32

user32

Sections

.text Size: 725KB - Virtual size: 724KB

.rdata Size: 116KB - Virtual size: 115KB

.data Size: 3KB - Virtual size: 1.4MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 1016B

.text
Size: 725KB - Virtual size: 724KB

.rdata
Size: 116KB - Virtual size: 115KB

.data
Size: 3KB - Virtual size: 1.4MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 1016B