acf5cbf96ae3ad27d88348cb9d91f42b0f6f48288956a4bba4091bcb3c46197f

Sharing

Copy URL Twitter E-mail

General

Target

acf5cbf96ae3ad27d88348cb9d91f42b0f6f48288956a4bba4091bcb3c46197f
Size

40KB
MD5

922788b8c8198f0ebd69f5bb1665294d
SHA1

48cdad1f0f2e9e5880069fb10d2ebcea1e9d3ed0
SHA256

acf5cbf96ae3ad27d88348cb9d91f42b0f6f48288956a4bba4091bcb3c46197f
SHA512

419f3f1281181c2de5c43f97975b7fa5676d6962f32c0d61e5413ef6881a734e374d7e7bb080de1d9ef9a705a21c8780d2d0310b029accc4ad04d2851fde2ed9
SSDEEP

768:pBaFTIXvnO+9MV1pHu1k0apvPwr7vB4DsM89L1krfdIcb:cTqPJMk1kppvA7vB089xefecb

Score

N/A

Malware Config

Signatures

Files

acf5cbf96ae3ad27d88348cb9d91f42b0f6f48288956a4bba4091bcb3c46197f
.exe windows x86

0972097f23a64b92a0639d540a00a308

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strcpy
_ismbcalpha
wcsncat
wcsxfrm
_wfindnext
?_set_new_mode@@YAHH@Z
__pctype_func
tmpnam
_CIcosh
__dllonexit
__RTDynamicCast
_mbspbrk
___setlc_active_func
_open
wcscspn
_fcvt
_ecvt
_ismbcl2
_ismbbkpunct
_Gettnames
isgraph
_ismbcspace
??_Gexception@@UAEPAXI@Z
iswspace
_flushall
_memicmp
qsort
_wsearchenv
_fmode
wcstod
__CxxLongjmpUnwind
_ismbstrail
wcslen
__pioinfo

ntdll

NtWriteVirtualMemory
ZwSetUuidSeed
ZwClearEvent
RtlRealSuccessor
RtlRemoveVectoredExceptionHandler
_aullrem
cos
NtImpersonateThread
NtAccessCheckByTypeResultList
ZwUnmapViewOfSection
RtlEnumProcessHeaps
ZwSetSystemPowerState
RtlFlushSecureMemoryCache
NtCompactKeys
_ultow
NtIsSystemResumeAutomatic
NtOpenKeyedEvent
RtlQueryTimeZoneInformation
ZwYieldExecution
ZwCreateJobSet
CsrSetPriorityClass
DbgUiRemoteBreakin

crypt32

I_CryptFindSmartCardCertInStore
I_CertSyncStore
CertGetNameStringA
CryptHashCertificate
CertCreateCertificateContext
CryptVerifyMessageSignatureWithKey
CertSerializeCRLStoreElement
CertEnumCRLContextProperties
CryptBinaryToStringW
CryptMsgDuplicate
CryptEnumOIDInfo
CryptStringToBinaryA
CryptMemAlloc
I_CryptInsertLruEntry
CryptCreateKeyIdentifierFromCSP
CryptMsgControl
CertFindSubjectInCTL

crtdll

_ismbcsymbol
_finite
_mbsnccnt
_mbsrchr
system
_osver_dll
_strncnt
_pgmptr_dll
feof
swscanf
_mbsbtype
_execlpe
isxdigit
realloc
_expand
_logb
strtoul
__argv_dll
_wcsdup
_mbsupr
_strdate

kernel32

SetFileValidData
GlobalCompact
GetTempPathW
LoadLibraryA
ReadConsoleInputA
SetLocaleInfoA
OpenFileMappingW
FindVolumeMountPointClose
InterlockedIncrement
BaseInitAppcompatCacheSupport
DebugSetProcessKillOnExit
GetStringTypeW
EnumDateFormatsA
VirtualAlloc
GetSystemTime
GetCurrentThreadId
SetCommState
WaitForMultipleObjects
GlobalFindAtomA
IsWow64Process

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0972097f23a64b92a0639d540a00a308

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

ntdll

crypt32

crtdll

kernel32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 50KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 50KB

.rsrc
Size: 1KB - Virtual size: 1KB