b34ca0793eecdccaea53a05db4b4c4def7b48609ef78568f6f6dfa7e86230f33

Sharing

Copy URL Twitter E-mail

General

Target

b34ca0793eecdccaea53a05db4b4c4def7b48609ef78568f6f6dfa7e86230f33
Size

203KB
MD5

0e8b85eb4678bc6e675f3bd0e34cbbb2
SHA1

a6e44537bf0b44f9294978ee00c917f99488f621
SHA256

b34ca0793eecdccaea53a05db4b4c4def7b48609ef78568f6f6dfa7e86230f33
SHA512

165a823c5529e84dcd3641b0f0cc17ee2b11d195f2d3fff7c34df46c68f34cefef6ae11228f88645634f44274ce75b2a344d22dd32cf763cf7146449628317bd
SSDEEP

6144:X5RJaq8+kUR4fH6Sv/ymKrg7BzumQ8ZMo8:p7aq8+kUiHL/lKrYBzumQEP8

Score

N/A

Malware Config

Signatures

Files

b34ca0793eecdccaea53a05db4b4c4def7b48609ef78568f6f6dfa7e86230f33
.exe windows x86

d786e4eaa2982bcd9f441693deb457ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStringW
WaitForMultipleObjects
GetDiskFreeSpaceW
CreateSemaphoreW
InterlockedExchange
lstrcmpiW
EnterCriticalSection
GetModuleFileNameA
GetACP
GlobalHandle
MultiByteToWideChar
ResetEvent
GlobalAlloc
WaitForSingleObject
VirtualFree
SetUnhandledExceptionFilter
CreateThread
QueryPerformanceCounter
GetCurrentThread
HeapFree
lstrcpynW
GlobalLock
WriteFile
CreateEventW
GetLastError
LeaveCriticalSection
lstrlenA
GetCurrentProcessId
SetEvent
SetFilePointer
lstrlenW
GlobalUnlock
DeleteFileW
GetSystemDefaultLangID
IsBadWritePtr
GetFileSize
GetProcessHeap
LoadLibraryW
GetSystemTimeAsFileTime
GetFullPathNameW
HeapAlloc
GetQueuedCompletionStatus
GetCurrentProcess
ReleaseSemaphore
InterlockedDecrement
SetThreadPriority
GetFileAttributesW
GetTickCount
ReadFile
lstrcmpW
GetProcAddress
InitializeCriticalSection
DeleteCriticalSection
CreateFileW
GetTimeZoneInformation
SetEndOfFile
CloseHandle
lstrcpyW
WideCharToMultiByte
GetVersionExW
GetProfileIntA
lstrcpyA
GetSystemInfo
FreeLibrary
IsBadReadPtr
MulDiv
GlobalFree
GetThreadPriority
GlobalMemoryStatus
IsBadCodePtr
InterlockedIncrement

nddeapi

NDdeGetTrustedShareW
NDdeGetShareSecurityW
NDdeIsValidAppTopicListW
NDdeIsValidAppTopicListA
NDdeGetErrorStringA
NDdeGetShareSecurityA
NDdeGetTrustedShareA

user32

LoadStringW
CheckRadioButton
TranslateMessage
ClientToScreen
GetDlgItemInt
CreateDialogParamW
SendMessageW
GetWindowRect
CheckDlgButton
GetAsyncKeyState
IsWindow
GetWindowLongW
DefWindowProcW
InvalidateRect
EnableWindow
SetDlgItemTextW
SetCursor
IsWindowVisible
GetDC
MoveWindow
IsRectEmpty
SetWindowLongW
GetClientRect
ShowWindow
GetDesktopWindow
GetDlgItem
DestroyWindow
LoadCursorW
PeekMessageW
SetDlgItemInt
ReleaseDC
DispatchMessageW

ifsutil

?CheckAndRemove@NUMBER_SET@@QAEEVBIG_INT@@PAE@Z
?CheckAndAdd@SPARSE_SET@@QAEEVBIG_INT@@PAE@Z
?CheckAndAdd@NUMBER_SET@@QAEEVBIG_INT@@PAE@Z
?AddEntry@AUTOREG@@SGEPBVWSTRING@@@Z
?AddNext@NUMBER_SET@@QAEEVBIG_INT@@@Z
?AddVolumeName@MOUNT_POINT_MAP@@QAEEPAVWSTRING@@0@Z
?AddEdge@DIGRAPH@@QAEEKK@Z
?AddStart@NUMBER_SET@@QAEEVBIG_INT@@@Z

ncobjapi

WmiCommitObject
WmiAddObjectProp
WmiCreateObject
WmiIsObjectActive
WmiDestroyObject
WmiCreateObjectWithProps
WmiSetAndCommitObject
WmiCreateObjectWithFormat
WmiEventSourceConnect
WmiEventSourceDisconnect

Sections

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d786e4eaa2982bcd9f441693deb457ab

Headers

File Characteristics

Imports

kernel32

nddeapi

user32

ifsutil

ncobjapi

Sections

.text Size: 77KB - Virtual size: 77KB

.rdata Size: 58KB - Virtual size: 58KB

.data Size: 62KB - Virtual size: 2.1MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 77KB - Virtual size: 77KB

.rdata
Size: 58KB - Virtual size: 58KB

.data
Size: 62KB - Virtual size: 2.1MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB