c8f074168a82b04049280aacebdb6d040db6a4cb741bbe17bd53cb23bdb80e0c

Sharing

Copy URL

Twitter E-mail

General

Target

c8f074168a82b04049280aacebdb6d040db6a4cb741bbe17bd53cb23bdb80e0c
Size

642KB
MD5

50df724bc3d4f27228e67ddb538ff883
SHA1

bd5dc3c5a4541c00d9ce81e5c38d9e15a9c96008
SHA256

c8f074168a82b04049280aacebdb6d040db6a4cb741bbe17bd53cb23bdb80e0c
SHA512

8651b58683bc6d5cf52b8e5b1ebb535147ca7d3580caf839cf4a97c8703f895eed1917038a50088b152b3f2f55bb8667fff554368965b3456993f19f76eae7a0
SSDEEP

12288:TG2C8wNvHLqQaeZ96DN5BrziFPm24pMPZqFwaF/c09z:TFCRvrqQa096DnRziFPm/MQFJFxJ

Score

N/A

Malware Config

Signatures

Files

c8f074168a82b04049280aacebdb6d040db6a4cb741bbe17bd53cb23bdb80e0c
.exe windows x86

3dd3b1eb850b2d0b54733a1eef999741

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetDiskFreeSpaceW
Process32First
GetPrivateProfileSectionNamesW
FlushConsoleInputBuffer
Thread32Next
DnsHostnameToComputerNameA
CompareFileTime
HeapQueryInformation
LoadLibraryExA
GetLastError
VirtualFreeEx
SetEnvironmentVariableA
GetConsoleAliasExesLengthA
SetTapePosition
DeleteFiber
GetProcAddress
TlsGetValue
IsDBCSLeadByteEx
VirtualAlloc
TlsFree
SetConsoleCP
GetVolumeInformationW
IsBadHugeWritePtr
_lcreat
EnumUILanguagesA
HeapWalk
GetDateFormatA
Module32First
GetProfileStringW
PrivMoveFileIdentityW
QueueUserAPC
LoadLibraryA
GetAtomNameW
Heap32Next
RequestDeviceWakeup
MulDiv
CreateFileA
VirtualUnlock
MultiByteToWideChar
GetLocaleInfoA
ResetWriteWatch
WriteFileGather
GetStdHandle
CreateFiberEx
EscapeCommFunction
GetVDMCurrentDirectories
CreateDirectoryExA
CreateMutexW
GetConsoleAliasesLengthW
SwitchToFiber

msvcp60

_Toupper

cryptnet

I_CryptNetGetHostNameFromUrl
DllRegisterServer
CertDllVerifyRevocation
CryptGetObjectUrl
CryptRetrieveObjectByUrlW
CryptGetTimeValidObject
I_CryptNetEnumUrlCacheEntry
LdapProvOpenStore
I_CryptNetGetUserDsStoreUrl
CryptInstallCancelRetrieval
CryptRetrieveObjectByUrlA
CertDllVerifyCTLUsage
DllUnregisterServer
CryptUninstallCancelRetrieval
CryptFlushTimeValidObject
CryptCancelAsyncRetrieval

msvbvm60

rtDecFromVar
TipUnloadProject
__vbaStrToUnicode
_CIlog
rtcBstrFromAnsi
rtcSendKeys
__vbaR8IntI4
__vbaR4Sgn
rtcSplit
__vbaVarCmpGt
rtcGetTimeVar
__vbaVarTextTstEq
__vbaVarZero
__vbaAryRebase1Var
rtcCos
__vbaCyAbs
__vbaLsetFixstrFree
__vbaVarTextLikeVar
__vbaFreeObjList
__vbaHresultCheckNonvirt
__vbaCyForNext
__vbaLdZeroAry
EbGetErrorInfo
__vbaLateIdStAd
__vbaCyErrVar
__vbaMidStmtVar
__vbaCyMul
__vbaVarTextCmpGe
__vbaRsetFixstrFree
rtcGetDayOfMonth
__vbaLbound
EVENT_SINK_QueryInterface
__vbaPutFxStr3
TipInvokeMethod
rtcVarFromVar
__vbaStrUI1
GetMem2
Zombie_GetTypeInfoCount
__vbaVarTextTstGe
rtcMIRR
__vbaPut4
PutMemNewObj
BASIC_CLASS_AddRef
GetMem1
__vbaVarTextCmpNe
__vbaOnError

Sections

.rsrc
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 885KB - Virtual size: 884KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 15.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3dd3b1eb850b2d0b54733a1eef999741

Headers

File Characteristics

Imports

kernel32

msvcp60

cryptnet

msvbvm60

Sections

.rsrc Size: 179KB - Virtual size: 179KB

.tls Size: 512B - Virtual size: 4KB

.text Size: 885KB - Virtual size: 884KB

.data Size: - Virtual size: 15.4MB

.rsrc
Size: 179KB - Virtual size: 179KB

.tls
Size: 512B - Virtual size: 4KB

.text
Size: 885KB - Virtual size: 884KB

.data
Size: - Virtual size: 15.4MB