b8b80cc5ef5485995541d46ee972c228750de2ac8fe58b30afd29e4edf398a52

General

Target

b8b80cc5ef5485995541d46ee972c228750de2ac8fe58b30afd29e4edf398a52
Size

54KB
MD5

4b3e466bf19cb59bb3f2ae82e122c561
SHA1

fed678bb190ef94070f4f4c47dd4136687b61067
SHA256

b8b80cc5ef5485995541d46ee972c228750de2ac8fe58b30afd29e4edf398a52
SHA512

86e262af8ad579ed874ac34aadfd17fbb3c1a80b7bd85266d80ece5b32ced42e65f238607a71c786c19fa956e9a70809b49519b8fd6176c22d4c6bddac9ce9f8
SSDEEP

1536:CTWY4uBs2LHbd0Pu+A5CiwC8jDLZnjkcTpA:CTWlYfLHbdCZAQiwC8jDLZnH

Score

N/A

Malware Config

Signatures

Files

b8b80cc5ef5485995541d46ee972c228750de2ac8fe58b30afd29e4edf398a52
.exe windows x86

bc0ec6b7ebed4403605f15cd5dcd9766

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

libnsr

pclose
popen
find_nsrdir

liblocal

Win32OSVersion

advapi32

RegOpenKeyExA
RegCreateKeyA
RegCloseKey
RegSetValueExA
RegDeleteKeyA

kernel32

MultiByteToWideChar
GetEnvironmentStringsW
WideCharToMultiByte
GetStringTypeA
LCMapStringW
GetStringTypeW
GetCommandLineA
GetVersion
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
WriteFile
GetEnvironmentStrings
FreeEnvironmentStringsW
VirtualAlloc
HeapFree
GetCPInfo
GetACP
GetOEMCP
HeapDestroy
HeapCreate
VirtualFree
SetFilePointer
LCMapStringA
GetLastError
FlushFileBuffers
GetProcAddress
LoadLibraryA
CloseHandle
SetStdHandle

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 101KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

okvazlg
Size: 29KB - Virtual size: 80KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bc0ec6b7ebed4403605f15cd5dcd9766

Headers

File Characteristics

Imports

libnsr

liblocal

advapi32

kernel32

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 1024B - Virtual size: 952B

.data Size: 5KB - Virtual size: 9KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 101KB - Virtual size: 128KB

okvazlg Size: 29KB - Virtual size: 80KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 1024B - Virtual size: 952B

.data
Size: 5KB - Virtual size: 9KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 101KB - Virtual size: 128KB

okvazlg
Size: 29KB - Virtual size: 80KB