cf592165e45195574deb174ec6bf2c5946018c43a230298d44e79bf8861cc9cc

Sharing

Copy URL Twitter E-mail

General

Target

cf592165e45195574deb174ec6bf2c5946018c43a230298d44e79bf8861cc9cc
Size

226KB
MD5

17842ae7416306e2b1a488fc7d9fa000
SHA1

0545c219dbdd855d872b7e7e8cada51262a4617f
SHA256

cf592165e45195574deb174ec6bf2c5946018c43a230298d44e79bf8861cc9cc
SHA512

daf862bd0a6d14016d2c632be8b430142f14dbf35e4e003e306b1fa8093b1f9566ff178d0c7fab9fe483cf6e298a8ed5ee36bcefa7c0b2c6b9ad616e888d536a
SSDEEP

6144:SdxeYGcwsr1euVAl/EoWZO8xbDeJp5b8Y:S6dchZe6o+OIiBb8Y

Score

N/A

Malware Config

Signatures

Files

cf592165e45195574deb174ec6bf2c5946018c43a230298d44e79bf8861cc9cc
.exe windows x86

2f94593076df08d53a6222d7eeb1996d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

vstdlib

VStdLib_GetICVarFactory
KeyValuesSystem

tier0

_AssertValidReadPtr
_AssertValidWritePtr
Error
AssertValidStringPtr
g_pMemAlloc
LoggingSystem_PopLoggingState
LoggingSystem_PushLoggingState
LoggingSystem_RegisterLoggingListener
CommandLine_Tier0
Plat_IsInDebugSession
Plat_DebugString
Warning
LoggingSystem_ResetCurrentLoggingState
ThreadWaitForObjects
ReleaseThreadHandle
CreateSimpleThread
StackToolsNotify_LoadedLibrary
GetThreadedLoadLibraryFunc
?DevWarning@@YAXPBDZZ
?Lock@CThreadFastMutex@@ACEXII@Z
?DevMsg@@YAXPBDZZ
Plat_MessageBox

kernel32

LoadLibraryExA
CreateFileMappingA
CreateProcessA
GetACP
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
FlushFileBuffers
WaitForSingleObject
GetExitCodeProcess
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
GetEnvironmentVariableA
GetModuleFileNameA
GetModuleHandleA
RtlUnwind
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetDriveTypeA
GetLastError
GetFullPathNameA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFileAttributesA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetStdHandle
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
Sleep
HeapSize
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
CompareStringW
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
RaiseException
SetEnvironmentVariableW
CloseHandle
ReadFile
SetFilePointer
LoadLibraryA
GetLocaleInfoA
HeapReAlloc
VirtualAlloc
FreeLibrary
InitializeCriticalSection
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
CompareStringA
SetStdHandle

Exports

Exports

CreateInterface
cvar
g_pCVar

Sections

.text
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2f94593076df08d53a6222d7eeb1996d

Headers

File Characteristics

Imports

user32

vstdlib

tier0

kernel32

Exports

Exports

Sections

.text Size: 112KB - Virtual size: 109KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 8KB - Virtual size: 21KB

.rsrc Size: 72KB - Virtual size: 72KB

.text
Size: 112KB - Virtual size: 109KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 21KB

.rsrc
Size: 72KB - Virtual size: 72KB