24e8ff5b8a103834b82aaade1f2bcdb51e7073aa8f5154b30362fdfeb6516ac1

Sharing

Copy URL Twitter E-mail

General

Target

24e8ff5b8a103834b82aaade1f2bcdb51e7073aa8f5154b30362fdfeb6516ac1
Size

94KB
MD5

fd7c2fe42e588ba6b05d8ea814ab0cf7
SHA1

a59f1412c568517d60d6ecccb9ffa11b3e4f19c8
SHA256

24e8ff5b8a103834b82aaade1f2bcdb51e7073aa8f5154b30362fdfeb6516ac1
SHA512

108be12461c81fe6dde63bc7966dc00b655e060b91fe47b1e33e647649888992e1e2febe9fb1cc7197eeac9b0ecca5094c76f03c659bb3411981d6424725ef48
SSDEEP

1536:UpV2cEmH8KMN+MQOi+GBOhsVf+ZYTPCnAU95eiu/Yp+H4EFSf6UMHPIZ6KRKG0:UTcNNRIksVfOrnAWZUYp+H4nCRQ6KYG0

Score

N/A

Malware Config

Signatures

Files

24e8ff5b8a103834b82aaade1f2bcdb51e7073aa8f5154b30362fdfeb6516ac1
.exe windows x86

27ec6d09074dfbacc88d50b47f180096

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mciavi32

DriverProc
KeyboardHookProc

kernel32

CreateThread
GetTempFileNameA
GetLogicalDriveStringsA
Thread32First
PeekNamedPipe
VirtualAlloc
GetCalendarInfoW
GetPriorityClass
lstrcmp
WritePrivateProfileStringA
GetEnvironmentStrings
HeapLock
IsBadHugeWritePtr
ResetWriteWatch
LoadLibraryA
QueryDepthSList
GlobalFix
DeactivateActCtx
GetSystemDefaultLCID
GetTapeParameters
WritePrivateProfileSectionA
GetACP
GetNumberFormatA
HeapCompact
SetComputerNameExA
GetLargestConsoleWindowSize
GetModuleHandleExW
SwitchToThread
GetCurrentConsoleFont
ExpungeConsoleCommandHistoryA
OpenEventA
PostQueuedCompletionStatus
SetDefaultCommConfigW
WriteConsoleOutputAttribute
ReadConsoleOutputCharacterA
GlobalFlags
_hwrite
lstrcpynA
CreateMailslotW
GetStartupInfoW
GetLocaleInfoA
DeleteTimerQueueEx
GetDevicePowerState
GetOverlappedResult
lstrcpyW
IsBadCodePtr
GetProcessIoCounters
GetComputerNameW
GetModuleFileNameW
EnumDateFormatsA
DosDateTimeToFileTime
DebugSetProcessKillOnExit
LZDone
LocalShrink

ntdll

_ftol
RtlCopySid
ZwWaitHighEventPair
NtRenameKey
strpbrk
RtlTraceDatabaseCreate
ZwOpenSection
ZwSetValueKey
NtWaitLowEventPair
isupper
NtSystemDebugControl
ZwRemoveIoCompletion
RtlCreateTimer
ZwGetContextThread
ZwPulseEvent
RtlTraceDatabaseEnumerate
RtlAddRefActivationContext
ZwQueryMutant
ZwQueryInformationToken
RtlOemStringToUnicodeString
RtlInitializeSListHead
ZwQueryObject
RtlIpv4AddressToStringA
_CIcos
NtEnumerateBootEntries
NtSetSystemEnvironmentValueEx
ZwLoadDriver
NtSetInformationThread
RtlMapGenericMask
RtlFindActivationContextSectionString
RtlPushFrame
RtlInterlockedPopEntrySList
RtlSelfRelativeToAbsoluteSD
NtWriteRequestData
ZwSetDefaultHardErrorPort

Sections

.text
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27ec6d09074dfbacc88d50b47f180096

Headers

File Characteristics

Imports

mciavi32

kernel32

ntdll

Sections

.text Size: 65KB - Virtual size: 64KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 9KB - Virtual size: 9KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 65KB - Virtual size: 64KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 5KB - Virtual size: 5KB