8d546fd3d2b9be27f03ea06402c5c877f8a99c6dbe5c8239e9046724fd1aa4b4

Sharing

Copy URL Twitter E-mail

General

Target

8d546fd3d2b9be27f03ea06402c5c877f8a99c6dbe5c8239e9046724fd1aa4b4
Size

426KB
MD5

e231c2d90d7c23ed0d93979ddf99df9a
SHA1

70ff31807fb75302151412069df53f2049ec7d69
SHA256

8d546fd3d2b9be27f03ea06402c5c877f8a99c6dbe5c8239e9046724fd1aa4b4
SHA512

b891feb8b083de97514a0b4adf723ce52864ff45bbc26aa1e2c9850e594f378f664a191396a4e8ba01af30fd64485ce6d131a7e6da4909845659afc8aa0e43e7
SSDEEP

12288:/2p12UDlHqBe19VYw2iaA5C+bHDPVVLXIcpvFQq:/2GUDV9HVixiHD9FIs

Score

N/A

Malware Config

Signatures

Files

8d546fd3d2b9be27f03ea06402c5c877f8a99c6dbe5c8239e9046724fd1aa4b4
.exe windows x86

74f52a217f6ff2769f532796646cb938

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallMsgFilterW

kernel32

CreateMailslotA
InterlockedIncrement
SetEndOfFile
GetVolumeInformationA
GetFullPathNameA
InterlockedDecrement
HeapSize
GetSystemDefaultLangID
ExitProcess
GetCurrentProcessId
DuplicateHandle
VirtualAlloc
GetExitCodeProcess
SetHandleCount
GlobalUnlock
GetSystemDefaultLCID
IsDBCSLeadByte
IsBadReadPtr
CreateDirectoryA
FreeEnvironmentStringsA
GetModuleFileNameW
InitializeCriticalSection
LeaveCriticalSection
GetCPInfo
GlobalFree
LockFile
GlobalSize
TlsAlloc
GetModuleHandleA
FormatMessageW
CreateSemaphoreA
LoadResource
GetCurrentProcess
CloseHandle
GetSystemInfo
WriteFile
GetACP
GetSystemTime
FindResourceA
VirtualProtect
EnterCriticalSection
SetLastError
_lread
GetStringTypeW
GetStringTypeA
lstrcpyA
GetLocalTime
SizeofResource
SetFilePointer
lstrcmpA
FindFirstFileA
lstrcpynA
WaitForSingleObject
LCMapStringW
GetFileAttributesA
UnhandledExceptionFilter
GlobalDeleteAtom
GetCurrentDirectoryA
MultiByteToWideChar
VirtualQuery
GetCommandLineA
GetCurrentThreadId
GlobalReAlloc
ResumeThread
lstrlenA
_llseek
DeleteFileA
SetFileAttributesA
WinExec
GetTickCount
SystemTimeToFileTime
GetStdHandle
TerminateProcess
CreateProcessW
GetVersion
GetSystemDirectoryA
_lwrite
GetVersionExA
GetLastError
DeleteCriticalSection
CreateFileA
UnlockFile
GlobalAlloc
ExitThread
lstrcmpiA
FindNextFileA
WideCharToMultiByte
RtlUnwind
GetUserDefaultLangID
CreateEventA
GetFileType
HeapReAlloc
SearchPathA
FreeEnvironmentStringsW
LoadLibraryExA
RaiseException
Sleep
FreeLibrary
_lclose
GlobalHandle
GetShortPathNameA
FileTimeToLocalFileTime
FindClose
lstrcatA
ReleaseSemaphore
SetCurrentDirectoryA
SetLocalTime

mswsock

sethostname

msi

MsiSetMode

ddraw

DirectDrawEnumerateA

samlib

SamRemoveMultipleMembersFromAlias
SamTestPrivateFunctionsUser
SamiEncryptPasswords
SamConnectWithCreds

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 133KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74f52a217f6ff2769f532796646cb938

Headers

File Characteristics

Imports

user32

kernel32

mswsock

msi

ddraw

samlib

Sections

.text Size: 1KB - Virtual size: 1KB

.idata Size: 3KB - Virtual size: 3KB

.data Size: 133KB - Virtual size: 1.6MB

.rsrc Size: 109KB - Virtual size: 109KB

.rdata Size: 177KB - Virtual size: 177KB

.text
Size: 1KB - Virtual size: 1KB

.idata
Size: 3KB - Virtual size: 3KB

.data
Size: 133KB - Virtual size: 1.6MB

.rsrc
Size: 109KB - Virtual size: 109KB

.rdata
Size: 177KB - Virtual size: 177KB