a718679ed2b905967c51cfed64a807bdb353f489f2f74f25c308b915cf6880cb

Sharing

Copy URL Twitter E-mail

General

Target

a718679ed2b905967c51cfed64a807bdb353f489f2f74f25c308b915cf6880cb
Size

849KB
MD5

8c3bc086e80cd4e487975158f8078e35
SHA1

5971b97b5be5ad4c79e7985c5d7cde8b43100a58
SHA256

a718679ed2b905967c51cfed64a807bdb353f489f2f74f25c308b915cf6880cb
SHA512

c27a9ca21e597dc96e18cd56c4624b04e8bd2ebaebf91132629e6c46804ce0aa08022b93ef250de86d41801a668aba58dfb070d4b2e40a47ac7e4c7fb93127c7
SSDEEP

24576:pPMZFVdl3HH6Nf13KF8+RAIE2sDIk6DEtqvJ/:Sn3HH6nKF8+RAIOb8EAh/

Score

N/A

Malware Config

Signatures

Files

a718679ed2b905967c51cfed64a807bdb353f489f2f74f25c308b915cf6880cb
.exe windows x86

ef1e7567c8e25e53d6c841f84bf3bbf7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndDialog
MessageBoxA

msvcrt

mblen
fprintf
_wcsupr
sin
_fputchar
_Strftime
_tempnam
__fpecode
putchar
_ismbcdigit
_getpid
_wsetlocale
_strset
_wexeclpe
??0exception@@QAE@XZ
_mbschr
_findfirsti64
getwc
_adj_fptan
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
??_7bad_cast@@6B@

kernel32

ExpandEnvironmentStringsA
VirtualAlloc
GetConsoleAliasExesLengthA
CancelIo
InitializeCriticalSection
LZInit
DuplicateHandle
CancelTimerQueueTimer
GetSystemTimeAsFileTime
LCMapStringA
ResetEvent
LockResource
AddRefActCtx
HeapSummary
IsBadStringPtrA
SetComputerNameW
GlobalGetAtomNameW
FindActCtxSectionGuid
EnumDateFormatsA
CreateWaitableTimerW
FatalAppExitW
MoveFileWithProgressA
SetVolumeMountPointW
LoadLibraryA
GetModuleHandleW
GetLocaleInfoA
HeapDestroy

msacm32

acmStreamConvert
acmFormatChooseA
acmDriverOpen
acmFormatChooseW
acmMetrics
acmDriverRemove
acmMessage32
acmFilterEnumW
acmStreamSize
acmStreamReset
acmDriverAddA
acmDriverDetailsA
acmDriverDetailsW
acmFilterTagDetailsA
acmFormatTagDetailsA
acmFormatTagEnumW
acmStreamClose
acmDriverEnum
acmDriverClose
acmFormatDetailsW
acmFilterChooseW

imagehlp

SymInitialize
SymRegisterCallback64
ImageGetCertificateData
MakeSureDirectoryPathExists
FindExecutableImageEx
StackWalk
ImageUnload
SymGetLinePrev
SymGetModuleInfoW64
TouchFileTimes
SymGetModuleInfo
SymRegisterFunctionEntryCallback64
StackWalk64
FindDebugInfoFileEx
RemovePrivateCvSymbolic
MapAndLoad
SymEnumerateSymbolsW
SymUnDName
SymFunctionTableAccess
MapDebugInformation
GetImageConfigInformation
UnDecorateSymbolName
ImagehlpApiVersionEx

crtdll

__doserrno
_dup
_execlp
_lseek
_fpreset
_open_osfhandle
_mbsinc
_memicmp
wcscmp
_mbstrlen
_strset
_mkdir
strcmp
_rotr
_mbsnbicmp
bsearch
_isctype

shell32

SHGetMalloc

Sections

.text
Size: 717KB - Virtual size: 716KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef1e7567c8e25e53d6c841f84bf3bbf7

Headers

DLL Characteristics

File Characteristics

Imports

user32

msvcrt

kernel32

msacm32

imagehlp

crtdll

shell32

Sections

.text Size: 717KB - Virtual size: 716KB

.rdata Size: 124KB - Virtual size: 123KB

.data Size: 4KB - Virtual size: 1.4MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 717KB - Virtual size: 716KB

.rdata
Size: 124KB - Virtual size: 123KB

.data
Size: 4KB - Virtual size: 1.4MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB