cf4249577bde72e4786ee0a4b7eb962bc05ebae9a9b84b4f4e29175a104388c7

Sharing

Copy URL Twitter E-mail

General

Target

cf4249577bde72e4786ee0a4b7eb962bc05ebae9a9b84b4f4e29175a104388c7
Size

924KB
MD5

06b2102d26893603be053d26f7bd2e77
SHA1

5f0b20f7b22ab6e9c89534a9d53ea28ffa6886f9
SHA256

cf4249577bde72e4786ee0a4b7eb962bc05ebae9a9b84b4f4e29175a104388c7
SHA512

0a934104b0ea0a79ea7f66c3e6c38098451a4c2ee3768c97f681431c60db16346653abaaea5f1749643bb3c701e2c4c67812328da9cd347f783f06ebd2d992e2
SSDEEP

3072:/2ZAPff6y8lRyDNp6vZUM6nPKlPc5ZnLU0mtd+9Lwlt:JPxER4NQZ76ni2nL+tK0

Score

N/A

Malware Config

Signatures

Files

cf4249577bde72e4786ee0a4b7eb962bc05ebae9a9b84b4f4e29175a104388c7
.exe windows x86

2edef60078b5a76b487cdb25752abcd9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventW
CreateFileW
DeviceIoControl
DisableThreadLibraryCalls
FindResourceExW
GetOverlappedResult
GetProcessHeap
HeapCompact
MoveFileExA
CompareStringA
CreateFileA
DeleteVolumeMountPointA
EnumResourceNamesW
FoldStringA
FreeLibrary
GetACP
GetCompressedFileSizeA
GetCurrentProcess
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapDestroy
LCMapStringA
LocalFree
QueueUserWorkItem
SetEvent
SetUnhandledExceptionFilter
SetWaitableTimer
Sleep
SuspendThread
TerminateProcess
UnhandledExceptionFilter
WaitForSingleObject
WideCharToMultiByte
lstrcmpA
GetComputerNameA
GetCurrentConsoleFont
GetProcAddress
GetTickCount
LoadLibraryW
LocalAlloc
MultiByteToWideChar
ResetWriteWatch
VirtualAlloc
CreateRemoteThread
HeapFree
HeapAlloc
GetCurrentDirectoryA
GetLastError
SetCurrentDirectoryA
HeapCreate
VirtualFree
GetCPInfo
ExitProcess
GetModuleHandleA
WriteFile
GetStartupInfoA
GetCommandLineA
GetVersionExA
GetOEMCP
TlsAlloc
SetLastError
GetCurrentThreadId
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
HeapReAlloc
IsBadWritePtr
RtlUnwind
IsBadReadPtr
IsBadCodePtr
VirtualProtect
GetSystemInfo
VirtualQuery
RaiseException
GetStringTypeA
GetStringTypeW
CompareStringW
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
SetStdHandle
ReadFile
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
LCMapStringW
InitializeCriticalSection
InterlockedExchange
QueryPerformanceCounter
GetExitCodeProcess
CreateProcessA
GetFileAttributesA
CreateProcessW
GetFileAttributesW
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
HeapSize
LoadLibraryA
SetConsoleCtrlHandler
FlushFileBuffers
SetEnvironmentVariableA

ole32

CreateClassMoniker
CoUninitialize
CoCreateGuid
HBITMAP_UserUnmarshal
CoGetPSClsid
CLIPFORMAT_UserUnmarshal
StringFromGUID2
IIDFromString
CLSIDFromString
OleIsRunning
CLIPFORMAT_UserSize

rpcrt4

NdrPointerMemorySize
NdrConformantStructUnmarshall
I_RpcPauseExecution
NdrServerMarshall
I_RpcServerUseProtseqEp2A
RpcMgmtStatsVectorFree
RpcCancelThread
NDRCContextMarshall
RpcObjectSetInqFn

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 584KB - Virtual size: 581KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 200KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2edef60078b5a76b487cdb25752abcd9

Headers

File Characteristics

Imports

kernel32

ole32

rpcrt4

Sections

.text Size: 136KB - Virtual size: 135KB

.rdata Size: 584KB - Virtual size: 581KB

.data Size: 200KB - Virtual size: 210KB

.text
Size: 136KB - Virtual size: 135KB

.rdata
Size: 584KB - Virtual size: 581KB

.data
Size: 200KB - Virtual size: 210KB