2e31aa657f418a52a029b3036c7e84ed7f5ccebab2ebc5dd54a5d01439ccc3ff

General

Target

2e31aa657f418a52a029b3036c7e84ed7f5ccebab2ebc5dd54a5d01439ccc3ff
Size

56KB
MD5

8371bfdc884a7fb8b6a3cf49925c2142
SHA1

8a7c56460d1532dc0f2616275d18461f1d54a17e
SHA256

2e31aa657f418a52a029b3036c7e84ed7f5ccebab2ebc5dd54a5d01439ccc3ff
SHA512

50e4cdadf97ee48fa003b4d0f847487d0e37e131ed33d538160617a272a07020b8cb1b2781d91931f306a18ed0fa3f7acb4c1acfba4da2c4f128e4ab70a9541a
SSDEEP

768:+9L+8cF4RVicJJTISOJofidEEgzHEGzhK+9sWAUJV2Ghfwcw:2LfLucJa2qd4EuhK+9shUJVT4cw

Score

N/A

Malware Config

Signatures

Files

2e31aa657f418a52a029b3036c7e84ed7f5ccebab2ebc5dd54a5d01439ccc3ff
.dll windows x86

396cd569b0620e3555515230b279a3ee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

sa

CreateSAFactory

li

?CreateLogInfo@@YAPAVILogInfo@@XZ

mfc42

ord5300
ord5302
ord2725
ord4079
ord4698
ord3346
ord5307
ord5289
ord5714
ord3953
ord2982
ord3147
ord3259
ord4465
ord3079
ord825
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord2396
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord5199
ord1168
ord1089
ord1176
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord540
ord2818
ord535
ord800
ord823
ord1116
ord3262
ord3136
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord826
ord269

msvcrt

memset
strcat
strcpy
memcpy
__CxxFrameHandler
toupper
strlen
strrchr
_EH_prolog
__dllonexit
_onexit
free
_initterm
malloc
_adjust_fdiv
??1type_info@@UAE@XZ
strcmp
memcmp
_purecall
sprintf
_strnicmp

kernel32

GetLastError
GetVolumeInformationA
GetVersion
GetVersionExA
CreateMutexA
CloseHandle
DeviceIoControl
CreateFileA
GetLogicalDrives
ReleaseMutex
WaitForSingleObject
GetModuleFileNameA
GetModuleHandleA
WideCharToMultiByte
Sleep
LocalFree
LocalAlloc

Exports

Exports

?GetDeviceManager@@YGPAVIDeviceManager@@XZ
?IsFloppyDisk@@YAHW4_MEDIA_TYPE@@@Z

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

396cd569b0620e3555515230b279a3ee

Headers

File Characteristics

Imports

sa

li

mfc42

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 1KB