4cec432b97a655525ff3782b65db07ed714419a294e5845f81dfd0ec0cd3a644

Sharing

Copy URL Twitter E-mail

General

Target

4cec432b97a655525ff3782b65db07ed714419a294e5845f81dfd0ec0cd3a644
Size

440KB
MD5

06e76bb14f23b970d2a2914884831970
SHA1

68510c5e3bdbb6233a7db8dd873b46633dfbe829
SHA256

4cec432b97a655525ff3782b65db07ed714419a294e5845f81dfd0ec0cd3a644
SHA512

94a0b2e77b65d765d9b7921cd3551bb9320959535095b07917ad95b90bb0af7259d125e170e36ad9ca2f265d13a0763a2a8e82a2994e3a58482ba17ced33fe90
SSDEEP

12288:R9SCgy8l9VnQH3hvv3ygKDvvTUnvv/1o:3SCgPl9VARvv3yFvvqvv/1o

Score

N/A

Malware Config

Signatures

Files

4cec432b97a655525ff3782b65db07ed714419a294e5845f81dfd0ec0cd3a644
.exe windows x86

06039c6b334bf277a0801ab5a24398cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

libnv3p

Nv3pClose
Nv3pDataReceive
Nv3pGetLastNackCode
Nv3pCommandReceive
Nv3pCommandComplete
Nv3pDataSend
Nv3pOpen
Nv3pCommandSend

libnvos

ord82
ord64
ord43
ord22
ord39
ord16
ord165
ord9
ord117
ord13
ord120
ord23
ord15
ord3
ord12
ord113
ord87
ord77
ord84
ord81
ord83
ord29
ord11
ord30
ord17
ord21
ord24
ord27

libnvusbhost

NvUsbDeviceRead
NvUsbDeviceWrite
NvUsbDeviceReadDevId
NvUsbDeviceOpen
NvUsbDeviceClose

libnvflash

NvFlashVerifyListGetNextPartition
NvFlashVerifyListInitLstPartitions
NvFlashCommandParse
NvFlashCommandGetCommand
NvFlashVerifyListDeInitLstPartitions
NvParseCaseSensitive
NvFlashGetSkuType
NvFlashIStrncmp
nvflash_fusewrite_parser_callback
nvflash_parser
NvFlashVerifyListIsPartitionToVerify
NvFlashGetNumCommands
NvFlashIStrcmp
NvFlashConfigFileParse
NvFlashConfigGetLastError
NvFlashConfigListDevices
NvFlashConfigFileClose
nvflash_check_cfgtype
NvFlashCommandGetOption
NvFlashCommandGetLastError

libnvbuildbct

NvBuildBct

libnvboothost

NvBootHostRcmGetMsgLength
NvBootHostT1xxRcmCreateMsgFromBuffer
NvBootHostRcmCreateMsgFromBuffer

libnvapputil

NvAuPrintf

libnvdioconverter

NvConvertStoreBin
PostProcDioOSImage

msvcr90

exit
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
__iob_func
__initenv
_controlfp_s
_invoke_watson
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
_crt_debugger_hook
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
fflush

kernel32

Sleep
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
InterlockedExchange

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 308KB - Virtual size: 309KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

06039c6b334bf277a0801ab5a24398cd

Headers

DLL Characteristics

File Characteristics

Imports

libnv3p

libnvos

libnvusbhost

libnvflash

libnvbuildbct

libnvboothost

libnvapputil

libnvdioconverter

msvcr90

kernel32

Sections

.text Size: 99KB - Virtual size: 98KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 308KB - Virtual size: 309KB

.rsrc Size: 28KB - Virtual size: 29KB

.text
Size: 99KB - Virtual size: 98KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 308KB - Virtual size: 309KB

.rsrc
Size: 28KB - Virtual size: 29KB