f378f84d0ef3d5d53dbc63864fbb5f65deff552d5a82ee89a7171a4d02c40a97

Sharing

Copy URL Twitter E-mail

General

Target

f378f84d0ef3d5d53dbc63864fbb5f65deff552d5a82ee89a7171a4d02c40a97
Size

49KB
MD5

cd14d5911edc666fe1a9f4c05e45d598
SHA1

519770687c099fe76f1234b20d09431a7548b76d
SHA256

f378f84d0ef3d5d53dbc63864fbb5f65deff552d5a82ee89a7171a4d02c40a97
SHA512

474330ea92762bd66172ca7ca7dda17725fff6c68a57e23e06510f67becac057466e4035af920bd21b8ace25bbeb57d439cb815a266723bc86c0098f05939251
SSDEEP

768:BbWA3G6N22QHCi/vy3jihsfHOQOeSC/qVTEpSEzpU/qpEwqFs2JfBUG/LPzM9:1dJN2H9vyGKStOxEwqW2J5UGTPzM9

Score

N/A

Malware Config

Signatures

Files

f378f84d0ef3d5d53dbc63864fbb5f65deff552d5a82ee89a7171a4d02c40a97
.exe windows x86

99d18d024a4289e3622ff53054353ab3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rtm

RtmReleaseNextHopInfo
RtmReadAddressFamilyConfig
RtmDeleteRouteToDest
RtmGetRouteAge
RtmBlockSetRouteEnable
RtmGetMostSpecificDestination
RtmGetAddressFamilyInfo
RtmDeleteRouteTable
RtmCreateEnumerationHandle
RtmRegisterEntity
RtmGetRouteInfo
MgmGetNextMfe
MgmTakeInterfaceOwnership
RtmGetRoutePointer
RtmGetEntityMethods
RtmGetInstances

dbghelp

ImageDirectoryEntryToData
MiniDumpWriteDump
SymGetLineNext64
SymGetSymPrev
SymGetLineFromAddr64
WinDbgExtensionDllInit
SymGetLinePrev64
SymEnumerateModules
SymGetSymFromAddr
SymGetLineNext
UnmapDebugInformation
SymMatchFileName
UnDecorateSymbolName
MiniDumpReadDumpStream
SymGetTypeFromName
ImageDirectoryEntryToDataEx

kernel32

LZClose
SetSystemTimeAdjustment
FreeResource
GetFileInformationByHandle
GetCommConfig
RtlUnwind
SetConsoleScreenBufferSize
GetConsoleCursorInfo
GlobalFindAtomA
IsValidLocale
ClearCommError
SetCriticalSectionSpinCount
VirtualAlloc
ReadFile
OpenJobObjectW
QueryDosDeviceA
RemoveVectoredExceptionHandler
HeapFree
GetProcessHeap
LoadLibraryA
AreFileApisANSI
IsValidCodePage

cmutil

CmStrCatAllocA
?CIniW_GetEntryFromReg@CIniW@@IBEPAEPAUHKEY__@@PBG1KK@Z
??0CmLogFile@@QAE@XZ
CmFree
CmLoadImageW
?GetRegPath@CIniA@@QBEPBDXZ
?IsEnabled@CmLogFile@@QAEHXZ
?GetSection@CIniA@@QBEPBDXZ
CmMoveMemory
?SetPrimaryRegPath@CIniW@@QAEXPBG@Z
?GPPI@CIniW@@QBEKPBG0K@Z
CmAtolA
GetOSBuildNumber
?GetRegPath@CIniW@@QBEPBGXZ
?SetRegPath@CIniW@@QAEXPBG@Z

scrrun

DLLGetDocumentation
DoOpenPipeStream

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99d18d024a4289e3622ff53054353ab3

Headers

File Characteristics

Imports

rtm

dbghelp

kernel32

cmutil

scrrun

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 3KB - Virtual size: 19KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 3KB - Virtual size: 19KB

.rsrc
Size: 6KB - Virtual size: 5KB