db8b31d0485bcd22c5f6c28b3bf22038ef4b62befcdca114fe7761b9f5b7f171

Sharing

Copy URL Twitter E-mail

General

Target

db8b31d0485bcd22c5f6c28b3bf22038ef4b62befcdca114fe7761b9f5b7f171
Size

799KB
MD5

b46aa6933f35bcea37074edbacec0c56
SHA1

77d629831f99fa4c05b0584bbfc01eb4242bafa6
SHA256

db8b31d0485bcd22c5f6c28b3bf22038ef4b62befcdca114fe7761b9f5b7f171
SHA512

974514958864395b7063a5bd98f7924e2c6a0fed51e3c3617a4a4511df3c5681a6f61aaa721c8be447175d489b7e882d8d27e1f95eb54872c83c431877d98311
SSDEEP

12288:CMRuDsJDVOqowVGwE8jyzRWkuwytKVrfw1Y33+kE5G+9frm:WIJDdoo91GuwKK9ff3ch9Dm

Score

N/A

Malware Config

Signatures

Files

db8b31d0485bcd22c5f6c28b3bf22038ef4b62befcdca114fe7761b9f5b7f171
.exe windows x86

8657c3250644712f89ca2601cd1ccf3c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingW
GetFullPathNameA
FreeConsole
GetStringTypeA
GetFileSizeEx
SetFileAttributesA
GetCurrencyFormatA
SetEndOfFile
GetCPInfo
SetThreadPriorityBoost
CreateWaitableTimerA
GetSystemDirectoryA
FindAtomA
Module32First
CreateHardLinkA
CreateWaitableTimerW
OpenJobObjectA
ReleaseSemaphore
FreeUserPhysicalPages
MapUserPhysicalPages
GetLogicalDriveStringsA
GetCPInfoExA
SetCurrentDirectoryA
FindVolumeClose
GetHandleInformation
GetPrivateProfileIntA
GetPrivateProfileStructW
FindResourceW
ReadFile
SetConsoleTextAttribute
FindFirstVolumeW
ChangeTimerQueueTimer
CancelWaitableTimer
ReplaceFileA
GetConsoleWindow
GetVolumePathNameA
DuplicateHandle
GetProfileStringW
GetPrivateProfileStructA
SetCalendarInfoW
GetFileInformationByHandle
SetFileAttributesW
ReadDirectoryChangesW
SetThreadExecutionState
CopyFileExW
GetVersion
DeleteAtom
GetProcessAffinityMask
CreateDirectoryExA
SetThreadAffinityMask
IsSystemResumeAutomatic
GetProfileIntA
GetAtomNameW
GetCalendarInfoW
SwitchToThread
CompareStringA
VirtualAlloc
GetProcessWorkingSetSize
SetThreadContext
FlushInstructionCache
OpenWaitableTimerW
ReplaceFileW
GetStringTypeExW
SetSystemTimeAdjustment
FindResourceExW
GetCurrencyFormatW
GetSystemWindowsDirectoryW
OpenSemaphoreW
LCMapStringW
GetPrivateProfileIntW
CreateJobObjectW
LoadResource
SetThreadLocale
CreateHardLinkW
CreateTimerQueue
CreateDirectoryA
CreateDirectoryW
SetComputerNameExW
SetSystemPowerState
MapViewOfFileEx
DosDateTimeToFileTime
GetModuleFileNameW
FreeEnvironmentStringsW
CreateNamedPipeA
GetLongPathNameW
SetCurrentDirectoryW
SetMailslotInfo
Module32Next
CreateDirectoryExW
GetProfileSectionW
FormatMessageW
WideCharToMultiByte
GetCurrentDirectoryA
MapUserPhysicalPagesScatter
GetConsoleScreenBufferInfo
SetCalendarInfoA
GetNumberFormatW
CreateIoCompletionPort
GetModuleHandleA
GetDateFormatA
GetProcAddress
SetEvent
OpenSemaphoreA
GetSystemDefaultUILanguage
Module32FirstW
GetConsoleCP
GetConsoleAliasA
GetCurrentConsoleFont
GetAtomNameA
CreateEventW
AreFileApisANSI
GetConsoleAliasExesLengthA
FoldStringW
OpenMutexW
GetThreadLocale
DeleteTimerQueueEx
ResetWriteWatch
MoveFileWithProgressA
PeekNamedPipe
OpenEventA
GetProcessVersion
GetNumberOfConsoleInputEvents
GetConsoleAliasesW
GetTempPathA
GetPrivateProfileSectionNamesA
GetDiskFreeSpaceExA
MapViewOfFile
GetTimeFormatW
ReadProcessMemory
ContinueDebugEvent
GetNamedPipeInfo
ResetEvent
GetWindowsDirectoryW
ExpandEnvironmentStringsA
GetCalendarInfoA
GetNumberFormatA
SetComputerNameExA
IsValidCodePage
GetPrivateProfileStringW
GetFileAttributesW
EnumCalendarInfoExA
CancelIo
FoldStringA
GetProfileIntW
GetPrivateProfileSectionA
CreateFileMappingA
GetCommandLineA
HeapSetInformation
SetUnhandledExceptionFilter
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameA
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
HeapFree
Sleep
GetACP
GetOEMCP
RtlUnwind
HeapSize
HeapAlloc
HeapReAlloc
MultiByteToWideChar
GetStringTypeW
IsProcessorFeaturePresent

advapi32

LookupAccountSidW
GetAclInformation
RegCreateKeyW
OpenProcessToken
LookupAccountNameW
RegDeleteKeyA
GetSidSubAuthority
RegNotifyChangeKeyValue
GetSecurityDescriptorLength
CopySid
RegDeleteValueW
RegQueryValueW
SetEntriesInAclW
CheckTokenMembership
RegSetValueExA
CloseServiceHandle
ReportEventW
OpenSCManagerW
RegEnumValueW
CryptDestroyHash
IsValidSid
RegFlushKey
ChangeServiceConfigW
RegQueryInfoKeyW
RegOpenKeyW
RegCreateKeyExW
DuplicateTokenEx

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 406KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 678KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8657c3250644712f89ca2601cd1ccf3c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 63KB - Virtual size: 62KB

.rdata Size: 406KB - Virtual size: 405KB

.data Size: 312KB - Virtual size: 678KB

.tls Size: 6KB - Virtual size: 5KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 63KB - Virtual size: 62KB

.rdata
Size: 406KB - Virtual size: 405KB

.data
Size: 312KB - Virtual size: 678KB

.tls
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 10KB - Virtual size: 10KB