696e12c2c78e996ed406759f12b57cb73b2c4b9fce7759e53c226443b5905cd5

Sharing

Copy URL Twitter E-mail

General

Target

696e12c2c78e996ed406759f12b57cb73b2c4b9fce7759e53c226443b5905cd5
Size

160KB
MD5

8d5f27ca669a3b04c4fd24d3b73e9092
SHA1

9e4051bc77f6a14c5fae9c581086cb3a78ceff8c
SHA256

696e12c2c78e996ed406759f12b57cb73b2c4b9fce7759e53c226443b5905cd5
SHA512

af8a7b11dd4d1a9ac8f3ebc6e426de174602530fc35bb4c83c601fb6d4784de070c8a16d745ee38d8ce64e2d78417759997a6cd77c9e5383e3156b3cfd0cefa9
SSDEEP

3072:RADgalD5wmsHvnx3g9M5COm9ALzmfbIGZaBOZ+OAeCEP3oeTV6:RADVdw3vxw9krmWfoEfg+xeCEP3zQ

Score

N/A

Malware Config

Signatures

Files

696e12c2c78e996ed406759f12b57cb73b2c4b9fce7759e53c226443b5905cd5
.exe windows x86

33b3e7454ba9aff582823954bd6c460f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_CItan
_aligned_free
_mbsnicmp
_CIacos
abort
?set_terminate@@YAP6AXXZP6AXXZ@Z
exit
_rotr
__p__commode
_stat
__lc_codepage
_getdllprocaddr
_osplatform
_time64
_mbsnbcpy
_XcptFilter
_cwscanf
_safe_fprem
__set_app_type
_setmode
bsearch
_adj_fprem1
_aligned_realloc
wcsncpy
_aligned_malloc
_except_handler3
iswalpha
__iscsymf
mblen
iswgraph
_endthread
__getmainargs
realloc
towlower
_mbsbtype
fopen
_wfindnext64
iswctype
pow
_mbstrlen
fscanf
_CItanh
ctime
_creat
_getmbcp
_mbscat
_ui64tow

kernel32

LocalCompact
GetLogicalDriveStringsW
WritePrivateProfileStringA
OpenFile
GetPrivateProfileSectionW
GetUserDefaultLangID
SetFileAttributesW
GetModuleHandleExW
lstrlen
LoadLibraryA
IsValidCodePage
SetFileTime
HeapCompact
SetComPlusPackageInstallStatus
GetDevicePowerState
GetOEMCP
GetProcessIoCounters
CreateHardLinkA
CreateJobObjectA
GetConsoleAliasA
DeleteTimerQueueEx
OpenJobObjectA
SetFileShortNameW
VirtualAlloc
CommConfigDialogA
GlobalUnfix
InterlockedPushEntrySList
QueryPerformanceCounter
Heap32First

advapi32

CryptContextAddRef
LsaSetTrustedDomainInformation
CryptSetProviderA
AddAccessAllowedAceEx
SetInformationCodeAuthzLevelW
CredEnumerateA
CredIsMarshaledCredentialA
GetCurrentHwProfileA
SetEntriesInAclA
CredIsMarshaledCredentialW
CryptAcquireContextW
ElfReportEventW
RegisterServiceCtrlHandlerW
WmiEnumerateGuids
BuildExplicitAccessWithNameA
ImpersonateLoggedOnUser
CryptSetProviderExA
EnumServicesStatusW
SystemFunction011
CryptDeriveKey
ElfBackupEventLogFileW
QueryServiceConfig2W
ChangeServiceConfigA
RegEnumKeyW
LsaGetSystemAccessAccount
UninstallApplication
ObjectDeleteAuditAlarmW
GetNamedSecurityInfoA
I_ScSetServiceBitsA

msvcrt40

?xsputn@streambuf@@UAEHPBDH@Z
_wpgmptr
ldexp
_c_exit
?write@ostream@@QAEAAV1@PBCH@Z
_mbctolower
??_7bad_cast@@6B@
_setmbcp
??_Gistrstream@@UAEPAXI@Z
??_7stdiostream@@6B@
?egptr@streambuf@@IBEPADXZ
??1Iostream_init@@QAE@XZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
??0ofstream@@QAE@ABV0@@Z
_fpieee_flt
??_8fstream@@7Bostream@@@
??_Gstdiobuf@@UAEPAXI@Z
frexp
_findnexti64
strstr
?openprot@filebuf@@2HB
_logb
_wexecvp
_pclose
ispunct

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33b3e7454ba9aff582823954bd6c460f

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

advapi32

msvcrt40

Sections

.text Size: 75KB - Virtual size: 75KB

.rdata Size: 58KB - Virtual size: 58KB

.data Size: 25KB - Virtual size: 207KB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 75KB - Virtual size: 75KB

.rdata
Size: 58KB - Virtual size: 58KB

.data
Size: 25KB - Virtual size: 207KB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B