a986080df6b0ed5207929988919e836801695f46a61a1201eba3104acaa43639

Sharing

Copy URL

Twitter E-mail

General

Target

a986080df6b0ed5207929988919e836801695f46a61a1201eba3104acaa43639
Size

559KB
MD5

c8b4b643837c8d1909b3529a0c707000
SHA1

f92e9db338fd9e821a9789f43a3f0aa75a345526
SHA256

a986080df6b0ed5207929988919e836801695f46a61a1201eba3104acaa43639
SHA512

551a6de8152b0e5059e4f8cabb31ccb810f7c856ee7f00c59a303a33df82f1c925eccb922d613c6468cb1268570e8d69aa3ec7ac442dd3d031e1955951afb24f
SSDEEP

12288:sR5D/3//jPX0BGsLFS7d1SStHGkc980p82ehSL4dW:EzHjSxCd1SStHA86ehSL4d

Score

N/A

Malware Config

Signatures

Files

a986080df6b0ed5207929988919e836801695f46a61a1201eba3104acaa43639
.exe windows x86

43aa1d44257981efe69d8ac377559d4f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualAlloc
SetStdHandle
GetVolumeNameForVolumeMountPointW
LocalSize
PostQueuedCompletionStatus
GetTickCount
SetMailslotInfo
SetFilePointer
EnumLanguageGroupLocalesW
HeapCreate
ReleaseMutex
EnumResourceNamesW
ReadConsoleInputExW

tapi32

lineMakeCall
lineTranslateDialogW
lineBlindTransferA
lineSetDevConfigA

mscms

UninstallColorProfileW
InternalGetPS2ColorSpaceArray
CreateColorTransformA
EnumColorProfilesA
GetColorProfileHeader
OpenColorProfileW
InternalGetPS2CSAFromLCS

advapi32

GetSidIdentifierAuthority
MakeAbsoluteSD
LogonUserA
LsaQueryInformationPolicy
RegOpenCurrentUser
SetSecurityDescriptorOwner
GetSidLengthRequired
RegSetKeySecurity
ReportEventA
GetSidSubAuthorityCount

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 150KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 54KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 103KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 92KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 82KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 218B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43aa1d44257981efe69d8ac377559d4f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

tapi32

mscms

advapi32

Sections

.text Size: 16KB - Virtual size: 15KB

.bss Size: 150KB - Virtual size: 160KB

.edata Size: 54KB - Virtual size: 118KB

.bss Size: 103KB - Virtual size: 137KB

DATA Size: 92KB - Virtual size: 187KB

DATA Size: 82KB - Virtual size: 138KB

.rsrc Size: 59KB - Virtual size: 59KB

.reloc Size: 512B - Virtual size: 218B

.text
Size: 16KB - Virtual size: 15KB

.bss
Size: 150KB - Virtual size: 160KB

.edata
Size: 54KB - Virtual size: 118KB

.bss
Size: 103KB - Virtual size: 137KB

DATA
Size: 92KB - Virtual size: 187KB

DATA
Size: 82KB - Virtual size: 138KB

.rsrc
Size: 59KB - Virtual size: 59KB

.reloc
Size: 512B - Virtual size: 218B