6e6623c8b5e274a02421d54a0c4a2739366d83007acc8f9c508078c8189c0b0b

Sharing

Copy URL Twitter E-mail

General

Target

6e6623c8b5e274a02421d54a0c4a2739366d83007acc8f9c508078c8189c0b0b
Size

41KB
MD5

a7379fdb80599f61f4d4da449d9880f5
SHA1

bc8482dea349b1c9f37706baef88a47930ffd0e5
SHA256

6e6623c8b5e274a02421d54a0c4a2739366d83007acc8f9c508078c8189c0b0b
SHA512

b94b82cae36417fce92762ba98dd55f20c2cbc9e2c3ba08184a6e997f6f90a68bd2df481cd1c76ae58f8924b05e0015c5d8e3737aa587e3d53de059002c69c02
SSDEEP

768:ns8Dd4milirCg99RokvxIRQyCCo4Y8AP8rSrGeh4bEiVa+2/h0:s8rIirCi9RoMxIenCPU8rQ+bEiVkh0

Score

N/A

Malware Config

Signatures

Files

6e6623c8b5e274a02421d54a0c4a2739366d83007acc8f9c508078c8189c0b0b
.exe windows x86

bce14f23361af5bd07fd82d5ac4eb736

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFirmwareEnvironmentVariableA
WriteConsoleInputVDMA
DeleteFileA
SetConsoleLocalEUDC
lstrcmpA
GlobalDeleteAtom
Process32FirstW
GetProfileStringW
UTRegister
ContinueDebugEvent
_lread
GetConsoleAliasW
ReadFileEx
GetAtomNameA
GlobalGetAtomNameW
SetFilePointerEx
FormatMessageA
MultiByteToWideChar
GlobalHandle
HeapReAlloc
WriteProfileStringW
SetMessageWaitingIndicator
LoadLibraryA
SetDefaultCommConfigW
BaseUpdateAppcompatCache
GetUserDefaultUILanguage
IsBadWritePtr
Heap32ListNext
GetGeoInfoW
GetModuleHandleExW
UnregisterConsoleIME
GetTimeZoneInformation
SetConsoleCtrlHandler
VerifyVersionInfoW
WriteConsoleInputW
CancelDeviceWakeupRequest
GetDriveTypeW
GetSystemDefaultUILanguage
GetConsoleAliasExesLengthA
GetProcessVersion
WriteFile
VirtualAlloc
Module32FirstW
GetEnvironmentStringsW
SystemTimeToFileTime
SetFirmwareEnvironmentVariableA
RemoveDirectoryW
GetNumaHighestNodeNumber
LZRead
LoadLibraryExA
Process32Next
GetPrivateProfileIntA
GetThreadSelectorEntry
WritePrivateProfileStringW
SetTapeParameters
SetCommTimeouts
UpdateResourceA
InitAtomTable
SetConsoleMenuClose
FindResourceW
LZDone
RemoveLocalAlternateComputerNameW
HeapWalk
QueryDosDeviceW
lstrcpy
DosPathToSessionPathW
GlobalAddAtomW
WriteProfileSectionA
VerLanguageNameA
GetConsoleInputWaitHandle
SetVolumeMountPointW
DeleteTimerQueue
HeapLock
SetThreadContext
GetConsoleAliasesW
lstrcmpW
GlobalAddAtomA
PrivMoveFileIdentityW
DuplicateConsoleHandle
InvalidateConsoleDIBits
GetConsoleScreenBufferInfo
WriteConsoleOutputA
LZStart

ifsutil

?IsATformat@DP_DRIVE@@QBEEXZ
?DiskCopyMainLoop@@YGHPBVWSTRING@@000EPAVMESSAGE@@1@Z
?RemoveAll@SPARSE_SET@@QAEEXZ
?QueryNtfsVersion@IFS_SYSTEM@@SGEPAE0PAVLOG_IO_DP_DRIVE@@PAX@Z
??1DP_DRIVE@@UAE@XZ
?QueryAutochkTimeOut@VOL_LIODPDRV@@SGEPAK@Z
?PushEntry@AUTOREG@@SGEPBVWSTRING@@@Z
?Initialize@SPARSE_SET@@QAEEXZ
?GetData@TLINK@@QAEAAVBIG_INT@@G@Z
?Look@INTSTACK@@QBE?AVBIG_INT@@K@Z
?IsThisNtfs@IFS_SYSTEM@@SGEVBIG_INT@@KPAX@Z
?IsEntryPresent@AUTOREG@@SGEPBVWSTRING@@0@Z
??1VOL_LIODPDRV@@UAE@XZ
?CheckAndRemove@NUMBER_SET@@QAEEVBIG_INT@@PAE@Z
?Lock@IO_DP_DRIVE@@QAEEXZ
?Initialize@DP_DRIVE@@QAEEPBVWSTRING@@PAVMESSAGE@@EEG@Z
?WriteToFile@IFS_SYSTEM@@SGEPBVWSTRING@@PAXKE@Z
?Initialize@READ_CACHE@@QAEEPAVIO_DP_DRIVE@@K@Z
?SetSystemId@LOG_IO_DP_DRIVE@@QAEEE@Z
?Initialize@VOL_LIODPDRV@@IAEEPBVWSTRING@@0PAVSUPERAREA@@PAVMESSAGE@@E@Z
?QueryMemberCount@TLINK@@QBEGXZ

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bce14f23361af5bd07fd82d5ac4eb736

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ifsutil

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 13KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 13KB

.rsrc
Size: 1KB - Virtual size: 1KB