0e1f07e10fcac22801dba94c6678b602959e48945de1512f2dd8f359c95eb896

Sharing

Copy URL Twitter E-mail

General

Target

0e1f07e10fcac22801dba94c6678b602959e48945de1512f2dd8f359c95eb896
Size

38KB
MD5

0cca5fc67ec9d42bec30977906d21b10
SHA1

0fb3750821325435851971ca0697b5ce9059fdd7
SHA256

0e1f07e10fcac22801dba94c6678b602959e48945de1512f2dd8f359c95eb896
SHA512

eda7ba1452e64708bef4ea2c36d3e95ad42d97cf69d57a317691b53879c73f163f74278a083e06850b9a0cd8c477787a42c5b87b09f6e394e25ba8c1e042ce88
SSDEEP

768:3gl2r10ot9GpmgyScg85F62Rgse8b0zkgUfl6v+aWm:A2mg9EmgOF62K184wHQv9

Score

N/A

Malware Config

Signatures

Files

0e1f07e10fcac22801dba94c6678b602959e48945de1512f2dd8f359c95eb896
.exe windows x86

1412827d7122fb52d0b9e5013207a7d4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

libsyss

??1UString@UGS@@QAE@XZ
?free@CppMemory@Memory@UGS@@SAXPAX@Z
?allocate@CppMemory@Memory@UGS@@SAPAXI@Z
??3UString@UGS@@SAXPAX0@Z
??0UString@UGS@@QAE@ABV01@@Z
?to_locale@UString@UGS@@QBEPADXZ
?SM_sprintf@@YAPADPBDZZ
?SM_alloc@@YAPAXI@Z
?trim@UString@UGS@@QBE?AV12@XZ
??4UString@UGS@@QAEAAV01@ABV01@@Z
?substr@UString@UGS@@QBE?AV12@II@Z
??0UString@UGS@@QAE@XZ
?find@UString@UGS@@QBEIDI@Z
??0UString@UGS@@QAE@PBD@Z
?TAG_ask_pointer_of_tag@@YAPAXI@Z
?SM_free@@YAXPAX@Z
?SM_alloc_persistent@@YAPAXI@Z
?from_locale@UString@UGS@@SA?AV12@PBD@Z

libufun

uc4504
UF_free
UF_free_string_array
UF_PART_close
UF_PARAM_generate
UF_get_fail_message
UF_UGMGR_terminate
UF_terminate
UF_print_syslog
UF_allocate_memory
UF_NCGROUP_is_group
UF_OBJ_ask_name
UF_NCGROUP_cycle_members
UF_PART_save
UF_NCGROUP_ask_object_of_name
UF_SETUP_ask_program_root
UF_SETUP_ask_setup
UF_CAM_init_session
UF_PART_open
UF_ASSEM_set_assem_options
UF_ASSEM_ask_assem_options
UF_UGMGR_initialize
UF_ask_syslog_filename
UF_set_variable
UF_initialize
UF_MISC_set_program_name
uc4540

libcams

?SetOriginalPartName@OPR@UGS@@QAEXABVUString@2@@Z
?CP_set_save_cut_regions@@YAX_N@Z
?CP_set_save_ipw_facet_model@@YAX_N@Z
?CP_set_use_cut_regions_ref_part@@YAX_N@Z
?CP_set_use_default_ipw_directory@@YAX_N@Z
?CP_set_if_unlink_instance@@YAX_N@Z
?CP_set_if_generate_instance@@YAX_N@Z

msvcr100

_crt_debugger_hook
_controlfp_s
_invoke_watson
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__initenv
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_CxxThrowException
__CxxFrameHandler3
strncmp
strncpy
__iob_func
fprintf
exit
asctime_s
sprintf_s
vsprintf_s
strcat_s
printf
_localtime64_s
_time64
strstr

msvcp100

?_Orphan_all@_Container_base0@std@@QAEXXZ
?_Xlength_error@std@@YAXPBD@Z

kernel32

IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DecodePointer
SetUnhandledExceptionFilter
EncodePointer
HeapSetInformation
InterlockedCompareExchange
Sleep
InterlockedExchange

Exports

Exports

?NXSigningResource@@YAXXZ

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1412827d7122fb52d0b9e5013207a7d4

Headers

DLL Characteristics

File Characteristics

Imports

libsyss

libufun

libcams

msvcr100

msvcp100

kernel32

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 896B

.reloc Size: 18KB - Virtual size: 21KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 896B

.reloc
Size: 18KB - Virtual size: 21KB