82edbdef7161e11f4a68baf2d5ac48855babef9fbbd871eaaa5e3a65449b6ee9

Sharing

Copy URL Twitter E-mail

General

Target

82edbdef7161e11f4a68baf2d5ac48855babef9fbbd871eaaa5e3a65449b6ee9
Size

810KB
MD5

773937298617d94a843b92b202977766
SHA1

7bf7ebcd83e23d32971ca7f8b981068f03e93b48
SHA256

82edbdef7161e11f4a68baf2d5ac48855babef9fbbd871eaaa5e3a65449b6ee9
SHA512

ef2e179c1176f2a0aafd802e8a1ebc4d9cee38f49567499d233232687c44f78d114c0463e63263cd63b340ca9abf00221ff2e34a9d0026b5e5607d9fa825c0fa
SSDEEP

24576:FUY75gG+R/MxQBXiP01CgN9/MUcJaNQuOSsuJ1dR:qY7B+9MKBx8g7/MUc86N2J1

Score

N/A

Malware Config

Signatures

Files

82edbdef7161e11f4a68baf2d5ac48855babef9fbbd871eaaa5e3a65449b6ee9
.exe windows x86

83ae35ae74a0cc5e68761e0b02df883d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstVolumeMountPointW
CreateThread
FindNextVolumeW
GetStdHandle
GetThreadSelectorEntry
GetAtomNameA
FindFirstFileA
GetNamedPipeInfo
WriteConsoleInputW
LoadModule
GlobalWire
GetStringTypeExW
GetProcessIoCounters
GetSystemInfo
SetEnvironmentVariableW
ExpandEnvironmentStringsA
SetConsoleTitleA
SetConsoleIcon
_lcreat
GlobalAlloc
LocalFlags
IsBadCodePtr
GetConsoleAliasW
WriteConsoleW
FindFirstVolumeA
BindIoCompletionCallback
HeapLock
SetComputerNameA
GetProfileIntW
SetSystemPowerState
GetCPInfoExA
SetStdHandle
GetConsoleTitleA
GetTickCount
SetComputerNameExA
SetConsoleKeyShortcuts
GetSystemDirectoryA
GetLastError
SetVolumeLabelA
SetConsoleScreenBufferSize
GetModuleHandleW
HeapWalk
QueueUserWorkItem
FindFirstChangeNotificationW
SetCalendarInfoA
WriteProcessMemory
WaitCommEvent
VirtualAlloc
GetModuleHandleA
SetErrorMode
GetWriteWatch
GetFileAttributesExA
SetLastConsoleEventActive
SetDefaultCommConfigW
GetMailslotInfo
GetFileAttributesA
EnumerateLocalComputerNamesA
WriteFileEx
ReadFileEx
InterlockedExchange
SetComPlusPackageInstallStatus
EnumResourceTypesA
CallNamedPipeA
CloseHandle
LoadLibraryA
FormatMessageA

ntdll

_wcsupr
ZwQueryInformationProcess
NtProtectVirtualMemory
ZwCompressKey
RtlRandom
RtlSelfRelativeToAbsoluteSD2
RtlFindLongestRunClear
RtlIsNameLegalDOS8Dot3
RtlAddRefActivationContext
RtlQueryHeapInformation
DbgPrintReturnControlC
RtlGetFrame
ZwIsProcessInJob
RtlInitializeContext
_alldiv
NtCompactKeys
RtlPrefixString
ZwSetHighEventPair
RtlUnhandledExceptionFilter
ZwAlertThread
_allshl
ZwFreeUserPhysicalPages
NtWriteFile
RtlUnicodeToMultiByteSize
ZwReplyWaitReceivePort
ZwLoadKey2
NtLoadKey
RtlCreateQueryDebugBuffer
NtQueryMultipleValueKey

oleaut32

SafeArrayRedim
VarR8Round
VarUI4FromR4
VarCyMul
VarUI1FromI1
VarBoolFromDate
VarDateFromUI2
SafeArrayGetUBound
VarBoolFromI2
SafeArrayCopyData
SafeArrayCreateVector
VarR4FromDec
VarUI1FromI8
VarDecCmpR8
SafeArrayUnlock
VarBoolFromDec
SafeArrayAccessData
VARIANT_UserUnmarshal
VarDateFromI2
VarUI1FromUI8
VarI2FromR8
VarDecFromUI8
VarI8FromUI4
DosDateTimeToVariantTime
SysReAllocStringLen
VarUI4FromStr
VarCyCmp
LHashValOfNameSys
VarBoolFromDisp
VarDateFromStr
RevokeActiveObject
VarEqv
VarUI8FromR4

Sections

.text
Size: 393KB - Virtual size: 392KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 192KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83ae35ae74a0cc5e68761e0b02df883d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntdll

oleaut32

Sections

.text Size: 393KB - Virtual size: 392KB

.rdata Size: 134KB - Virtual size: 134KB

.data Size: 192KB - Virtual size: 1.5MB

.rsrc Size: 88KB - Virtual size: 88KB

.reloc Size: 1024B - Virtual size: 964B

.text
Size: 393KB - Virtual size: 392KB

.rdata
Size: 134KB - Virtual size: 134KB

.data
Size: 192KB - Virtual size: 1.5MB

.rsrc
Size: 88KB - Virtual size: 88KB

.reloc
Size: 1024B - Virtual size: 964B