93be11b09604e2d2621543676df9768597f58fcfbc6746dc8f96ed0795a4f55c

Sharing

Copy URL Twitter E-mail

General

Target

93be11b09604e2d2621543676df9768597f58fcfbc6746dc8f96ed0795a4f55c
Size

825KB
MD5

0e4eeca80a3acf03601ec1fc27431f67
SHA1

85a39e15b16ef020eae60c0e91f4bb26cdd3b003
SHA256

93be11b09604e2d2621543676df9768597f58fcfbc6746dc8f96ed0795a4f55c
SHA512

d6fdee7cf051641b4c2f1ae20fd9f6383d295b0162a54a9fc66be6268b20503b2ed7f0389e6aa94f10377ac3b047303e8c962d6833950d359195429aa99188d4
SSDEEP

24576:7KG0U1G0gX24Q/xOi9JZ0BCLrsaqeewbQXj:7KG0U16q/Dt00qe1m

Score

N/A

Malware Config

Signatures

Files

93be11b09604e2d2621543676df9768597f58fcfbc6746dc8f96ed0795a4f55c
.exe windows x86

f8d9e319446648df19b4387f1f7d95c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imagehlp

SymGetSearchPath
SymGetTypeInfo
SymUnloadModule64
ImageRemoveCertificate
FindDebugInfoFile
FindFileInPath
GetImageConfigInformation
ImageRvaToSection
EnumerateLoadedModules
SymGetLineNext
UpdateDebugInfoFileEx
GetImageUnusedHeaderBytes
SymFunctionTableAccess
SymGetModuleInfoW
RemovePrivateCvSymbolic
CheckSumMappedFile
SymGetSymPrev64
EnumerateLoadedModules64
SymCleanup
GetTimestampForLoadedLibrary
ImageDirectoryEntryToData
SymGetLineNext64
SymFromName
UnDecorateSymbolName

mfcsubs

?MakeLower@CString@@QAEXXZ
?FreeDataChain@CPlex@@QAEXXZ
??0CString@@QAE@ABV0@@Z
?SetAt@CStringArray@@QAEXHPBG@Z
?FormatV@CString@@IAEXPBGPAD@Z
?InsertAt@CStringArray@@QAEXHPAV1@@Z
??M@YG_NABVCString@@PBG@Z
??9@YG_NABVCString@@PBG@Z
?GetCount@CMapStringToPtr@@QBEHXZ
?AssignCopy@CString@@IAEXHPBG@Z
?FreeExtra@CStringArray@@QAEXXZ
?IsEmpty@CMapStringToPtr@@QBEHXZ
?GetUpperBound@CStringArray@@QBEHXZ
?Init@CString@@IAEXXZ
??H@YG?AVCString@@PBGABV0@@Z
??H@YG?AVCString@@ABV0@0@Z
?ConcatInPlace@CString@@IAEXHPBG@Z
?GetHashTableSize@CMapStringToPtr@@QBEIXZ
??YCString@@QAEABV0@D@Z
??_FCMapStringToPtr@@QAEXXZ

kernel32

MapUserPhysicalPagesScatter
PeekNamedPipe
OutputDebugStringW
GetLastError
GenerateConsoleCtrlEvent
QueryMemoryResourceNotification
WriteConsoleOutputW
GlobalUnfix
FindFirstVolumeA
GetProcessHeap
GetStringTypeA
GetCommModemStatus
lstrcat
CallNamedPipeW
GetStringTypeW
DosDateTimeToFileTime
MoveFileExA
LZRead
SetConsoleInputExeNameA
GetProcessIoCounters
LoadLibraryW
VirtualAllocEx
LZOpenFileW
GetUserDefaultLCID
GetBinaryType
AddLocalAlternateComputerNameA
SetLastError
GetTickCount
GetComputerNameW
GetConsoleCommandHistoryLengthA
FindAtomA
GetNumberFormatA
LocalHandle
GetProcAddress
GetCalendarInfoW
GetModuleFileNameW
GetFileType
CopyFileExW
GetProcessTimes
SetWaitableTimer
PrivMoveFileIdentityW
CreateMemoryResourceNotification
SetConsoleKeyShortcuts
GetCompressedFileSizeW
CreateMailslotW
SetConsoleCursorInfo

iphlpapi

do_echo_rep
NotifyRouteChange
GetRTTAndHopCount
GetTcpStatisticsEx
IcmpCreateFile
GetUdpStatisticsEx
InternalSetIpNetEntry
IpRenewAddress
InternalGetIpAddrTable
GetIpNetTable
_PfSetLogBuffer@28
_PfAddGlobalFilterToInterface@8
NTTimeToNTPTime
GetIpAddrTable

ntdll

iswctype
RtlEnumProcessHeaps
LdrLoadDll
strpbrk
RtlAddressInSectionTable
NtMapUserPhysicalPages
RtlSetSaclSecurityDescriptor
RtlConvertToAutoInheritSecurityObject
DbgPrint
LdrShutdownThread
RtlGetNativeSystemInformation
NtQuerySystemInformation
RtlInitNlsTables
NtIsSystemResumeAutomatic
RtlCaptureStackBackTrace
RtlTimeToElapsedTimeFields

Sections

.text
Size: 373KB - Virtual size: 372KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8d9e319446648df19b4387f1f7d95c6

Headers

DLL Characteristics

File Characteristics

Imports

imagehlp

mfcsubs

kernel32

iphlpapi

ntdll

Sections

.text Size: 373KB - Virtual size: 372KB

.rdata Size: 117KB - Virtual size: 116KB

.data Size: 157KB - Virtual size: 1.6MB

.rsrc Size: 176KB - Virtual size: 175KB

.reloc Size: 1024B - Virtual size: 864B

.text
Size: 373KB - Virtual size: 372KB

.rdata
Size: 117KB - Virtual size: 116KB

.data
Size: 157KB - Virtual size: 1.6MB

.rsrc
Size: 176KB - Virtual size: 175KB

.reloc
Size: 1024B - Virtual size: 864B