c0078f7c27bc4779cde01eb27867431515f9acfb04e4ebfc4aee4c8a25103019

Sharing

Copy URL Twitter E-mail

General

Target

c0078f7c27bc4779cde01eb27867431515f9acfb04e4ebfc4aee4c8a25103019
Size

41KB
MD5

a4863ddb6f364b7a93661f17c1183d38
SHA1

5f39863d8120afe223074a1018cd4b52682937bc
SHA256

c0078f7c27bc4779cde01eb27867431515f9acfb04e4ebfc4aee4c8a25103019
SHA512

74bcef4ad47c6f1b5418cc47a839cf2a3f1854a61690514d4405176bab468a017bc87d17cf13ab26fdbef55e2f79e8f4b8a626dc353bb1e8322cf06796dce4e6
SSDEEP

768:dLF/9AWzcckWOS8MkBg9i2PemD3Jgzl7SFSFNnAhU2tBcP6epnrwIER+f3K/wnUQ:lF1RccjOSVkB32Pf5+UJhU2tBO6epnUq

Score

N/A

Malware Config

Signatures

Files

c0078f7c27bc4779cde01eb27867431515f9acfb04e4ebfc4aee4c8a25103019
.exe windows x86

455c2a0c78fde08a601b2fbe85a215f4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VerifyConsoleIoHandle
FatalAppExitA
HeapQueryInformation
VirtualAlloc
RtlCaptureStackBackTrace
FileTimeToSystemTime
LoadLibraryExA
CreateMutexA
SetVolumeLabelW
FindNextFileW
IsValidCodePage
GetCommModemStatus
GetLocaleInfoW
GetLocalTime
FillConsoleOutputCharacterA
FindClose
GetDriveTypeW
SearchPathA
GetEnvironmentStringsA
FlushFileBuffers
PeekConsoleInputA
RegisterWowBaseHandlers
ReplaceFileA
GetThreadContext
CreateProcessInternalW
lstrcmpA
CreateEventA
ReadProcessMemory
TlsSetValue
ReadFileEx
GetThreadTimes
OutputDebugStringW
Module32NextW
lstrcmp
lstrcpynA
WritePrivateProfileSectionA
GetProcessVersion
FindNextVolumeA
EnumDateFormatsW
CloseHandle
ShowConsoleCursor
GetNumaAvailableMemoryNode
GetConsoleWindow
FormatMessageA
GetNumaNodeProcessorMask
CreateThread
RemoveDirectoryW
SetNamedPipeHandleState
WaitCommEvent
GetPrivateProfileStructA
VerifyVersionInfoW
FindAtomW
RegisterWaitForInputIdle
SetConsoleCursorInfo
GetDevicePowerState
WritePrivateProfileSectionW
GetProcessAffinityMask
GetUserDefaultLangID
ContinueDebugEvent
SetHandleCount
FindNextVolumeMountPointW
CreateWaitableTimerW
EndUpdateResourceW
GetConsoleCursorMode
WaitNamedPipeA
LZCloseFile
IsDBCSLeadByteEx
GetACP
HeapSummary
FreeEnvironmentStringsW
CreateFileMappingW
GetLongPathNameW
IsDebuggerPresent
GetProfileSectionW
lstrcmpiW
GetWindowsDirectoryA
WriteConsoleOutputA
GetTapeParameters
VirtualQuery
IsBadReadPtr
NlsGetCacheUpdateCount
GetPrivateProfileSectionNamesW
SwitchToFiber
ReleaseMutex
SetWaitableTimer
LocalShrink
ChangeTimerQueueTimer
GetProcessIoCounters
GetDriveTypeA
CreateHardLinkA
SetEnvironmentVariableA
Beep
GetVolumePathNamesForVolumeNameA
LoadLibraryA
FindFirstVolumeMountPointA
InterlockedExchangeAdd
GetConsoleCommandHistoryLengthA
SetConsoleDisplayMode

atmlib

ATMGetFontPaths
ATMMakePSSW
ATMMakePFMA
ATMSelectEncoding
ATMEnumFonts
ATMXYShowText
ATMGetFontBBox
ATMAddFontA
ATMAddFontExA
ATMRemoveFontA
ATMFontStatus
ATMAddFontExW
ATMEnumFontsA
ATMEnumFontsW
ATMForceFontChange
ATMGetFontInfoA
ATMEnumMMFontsA
ATMGetNtmFieldsW
ATMMakePSS
ATMAddFont
ATMAddFontEx
ATMGetOutline
ATMProperlyLoaded
ATMFontStatusA
ATMGetVersionExA
ATMRemoveSubstFontA
ATMGetMenuName
ATMBBoxBaseXYShowTextW
ATMGetNtmFields
ATMAddFontW
ATMInstallSubstFontW
ATMGetMenuNameW
ATMSelectObject

msvcirt

??5istream@@QAEAAV0@PAE@Z
??0istream_withassign@@QAE@ABV0@@Z
?fill@ios@@QBEDXZ
?is_open@filebuf@@QBEHXZ
?get@istream@@QAEAAV1@PACHD@Z
??_Dostrstream@@QAEXXZ
?sh_none@filebuf@@2HB
??4istream@@IAEAAV0@PAVstreambuf@@@Z
?put@ostream@@QAEAAV1@D@Z
??1istream@@UAE@XZ
??4exception@@QAEAAV0@ABV0@@Z
?tie@ios@@QAEPAVostream@@PAV2@@Z
??5istream@@QAEAAV0@PAD@Z
??_Dostream_withassign@@QAEXXZ
??0ostream_withassign@@QAE@ABV0@@Z
?blen@streambuf@@IBEHXZ
??_8strstream@@7Bistream@@@
?iword@ios@@QBEAAJH@Z
?get@istream@@QAEHXZ
?xsputn@streambuf@@UAEHPBDH@Z
??_8istrstream@@7B@
?sync@filebuf@@UAEHXZ
?setrwbuf@stdiobuf@@QAEHHH@Z
??0strstreambuf@@QAE@PADH0@Z
??4istrstream@@QAEAAV0@ABV0@@Z
?get@istream@@QAEAAV1@AAVstreambuf@@D@Z
??0strstream@@QAE@PADHH@Z
?close@filebuf@@QAEPAV1@XZ

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

455c2a0c78fde08a601b2fbe85a215f4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

atmlib

msvcirt

Sections

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 7KB - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB