e346aecd6ca321b17028e42b5164befc8165c0a3c3ef83898704766e8c934224

Sharing

Copy URL Twitter E-mail

General

Target

e346aecd6ca321b17028e42b5164befc8165c0a3c3ef83898704766e8c934224
Size

22KB
MD5

0ebcd0ab65a2393f2c11866592f8c0e2
SHA1

7570b11c5cd84e3b1dbb5cbd5d9d91fc522dac3a
SHA256

e346aecd6ca321b17028e42b5164befc8165c0a3c3ef83898704766e8c934224
SHA512

7bd54678726a59d02971f7ef6bc040a184c422cca797e924152cb83340d6a011d64331c4b0a9a74162b1bbb63c3939458cbdd76ee4c488ff09338d4b8da9a1de
SSDEEP

384:XMWL81dE3Ph2HKl7i+uBTFcHR+pDHXnDt/so+lGKCgIDseWsR9J6hln9JN9JV9Jh:8W2E36Kl7zuBRcgpLDD9wBZCSwAbAYco

Score

N/A

Malware Config

Signatures

Files

e346aecd6ca321b17028e42b5164befc8165c0a3c3ef83898704766e8c934224
.exe windows x86

2101b621715c30ed0e4f14f31d6b7618

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
lstrlenW
CloseHandle
SetFileAttributesW
ReadFile
SetFilePointer
GetLastError
CreateFileW
InitializeCriticalSection
GetModuleHandleW
GetCommandLineW
GetVolumeNameForVolumeMountPointW
CreateDirectoryW
RemoveDirectoryW
GetModuleHandleA
WideCharToMultiByte
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
CreateFileMappingW
InterlockedExchange
WriteFile
ExitProcess
GetVersionExA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter

advapi32

RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteKeyW
RegQueryValueExW

ole32

CoTaskMemFree
CoInitialize
CoInitializeSecurity
CLSIDFromString
CoUninitialize
StringFromGUID2

vssapi

?CreateVssBackupComponents@@YGJPAPAVIVssBackupComponents@@@Z
ord6

mfc71u

ord764
ord762
ord757
ord1197
ord566

msvcr71

malloc
wcsncpy
_wctime
wcscat
wcscpy
_wsplitpath
memset
__dllonexit
_onexit
_c_exit
_exit
_XcptFilter
wcslen
exit
__p___winitenv
_amsg_exit
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__security_error_handler
_controlfp
free
__CxxFrameHandler
_vsnwprintf
_except_handler3
_wcsicmp
_wcsnicmp
_cexit
_ftime

msvcp71

?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 332B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2101b621715c30ed0e4f14f31d6b7618

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

vssapi

mfc71u

msvcr71

msvcp71

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 332B

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 332B

.rsrc
Size: 3KB - Virtual size: 2KB