93ecf589bd3bcf05e41afb5e0a986beaca8875220999c8f2787af8f9d3095e32

Sharing

Copy URL Twitter E-mail

General

Target

93ecf589bd3bcf05e41afb5e0a986beaca8875220999c8f2787af8f9d3095e32
Size

28KB
MD5

c0e8d0a7eb429a8b3af6faf1a60abbe1
SHA1

266755d0fbcee1caac71987d8f561eb2669bf337
SHA256

93ecf589bd3bcf05e41afb5e0a986beaca8875220999c8f2787af8f9d3095e32
SHA512

a882a0deffacfb4f733b65d0b65fc0001c065156492f90791148ee88d78fa109f0d71f5c560015b6ba75a351923d169fc63f8864bf80e501da1da10110d80dcc
SSDEEP

384:SCUonoYo2qEzTZWHiwViSJRp4S62yvKXrQB:hoYo2qEzdWCQfJRp4RC

Score

N/A

Malware Config

Signatures

Files

93ecf589bd3bcf05e41afb5e0a986beaca8875220999c8f2787af8f9d3095e32
.exe windows x86

a8c22bddb40842084d535ee12f363131

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

mssign32

PvkPrivateKeyLoad
PvkPrivateKeyLoad
PvkPrivateKeyLoad

mtxoci

MTxOciInit
MTxOciInit
MTxOciInit
MTxOciInit

msoert2

CreateLogFile
CreateLogFile
CreateLogFile
CreateLogFile

nddeapi

NDdeGetTrustedShareA
NDdeGetTrustedShareA
NDdeGetTrustedShareA
NDdeGetTrustedShareA

dciman32

DCICreateOverlay
DCICreateOverlay

kernel32

ReplaceFileA
GetACP
RtlMoveMemory
SetComputerNameA
QueryDosDeviceA
CreateJobObjectW
ReadConsoleOutputW
RegisterWowExec
Beep
_lopen
GetProfileIntW
TerminateProcess
TerminateProcess
GetSystemDirectoryA
ReadFile
ReplaceFileA
GetACP
RtlMoveMemory
SetComputerNameA
QueryDosDeviceA
CreateJobObjectW
ReadConsoleOutputW
RegisterWowExec
Beep
GetProfileIntW
TerminateProcess
TerminateProcess
GetSystemDirectoryA

pdh

PdhCloseLog
PdhCloseQuery
PdhCollectQueryData
PdhCollectQueryDataEx
PdhComputeCounterStatistics
PdhConnectMachineA
PdhConnectMachineW
PdhCreateSQLTablesA
PdhCreateSQLTablesW
PdhEnumLogSetNamesA
PdhEnumLogSetNamesW
PdhEnumMachinesA
PdhEnumMachinesHA
PdhEnumMachinesHW
PdhEnumMachinesW
PdhEnumObjectItemsA
PdhEnumObjectItemsHA
PdhEnumObjectItemsHW
PdhEnumObjectItemsW
PdhEnumObjectsA
PdhEnumObjectsHA
PdhEnumObjectsHW
PdhEnumObjectsW
PdhCloseLog
PdhCloseQuery
PdhCollectQueryData
PdhCollectQueryDataEx
PdhComputeCounterStatistics
PdhConnectMachineA
PdhConnectMachineW
PdhCreateSQLTablesA
PdhCreateSQLTablesW
PdhEnumLogSetNamesA
PdhEnumLogSetNamesW
PdhEnumMachinesA
PdhEnumMachinesHA
PdhEnumMachinesHW
PdhEnumMachinesW
PdhEnumObjectItemsA
PdhEnumObjectItemsHA
PdhEnumObjectItemsHW
PdhEnumObjectItemsW
PdhEnumObjectsA
PdhEnumObjectsHA
PdhEnumObjectsHW
PdhEnumObjectsW
PdhCloseLog
PdhCloseQuery
PdhCollectQueryData
PdhCollectQueryDataEx
PdhComputeCounterStatistics
PdhConnectMachineA
PdhConnectMachineW
PdhCreateSQLTablesA
PdhCreateSQLTablesW
PdhEnumLogSetNamesA
PdhEnumLogSetNamesW
PdhEnumMachinesA
PdhEnumMachinesHA
PdhEnumMachinesHW
PdhEnumMachinesW
PdhEnumObjectItemsA
PdhEnumObjectItemsHA
PdhEnumObjectItemsHW
PdhEnumObjectItemsW
PdhEnumObjectsA
PdhEnumObjectsHA
PdhEnumObjectsHW
PdhEnumObjectsW
PdhCreateSQLTablesW
PdhEnumLogSetNamesA
PdhEnumLogSetNamesW
PdhEnumMachinesA
PdhEnumMachinesHA

msvcrt

fopen
fread

Sections

.text
Size: 2KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA
Size: 10KB - Virtual size: 70KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8c22bddb40842084d535ee12f363131

Headers

File Characteristics

Imports

mssign32

mtxoci

msoert2

nddeapi

dciman32

kernel32

pdh

msvcrt

Sections

.text Size: 2KB - Virtual size: 34KB

.DATA Size: 10KB - Virtual size: 70KB

.reloc Size: 13KB - Virtual size: 16KB

.data Size: 2KB - Virtual size: 2KB

.text
Size: 2KB - Virtual size: 34KB

.DATA
Size: 10KB - Virtual size: 70KB

.reloc
Size: 13KB - Virtual size: 16KB

.data
Size: 2KB - Virtual size: 2KB