c9ed8a6d3e254be1e6e79bcfe66688d15bcb72b1e3edbda8d43f7e0cc341b4ee

Sharing

Copy URL Twitter E-mail

General

Target

c9ed8a6d3e254be1e6e79bcfe66688d15bcb72b1e3edbda8d43f7e0cc341b4ee
Size

848KB
MD5

e57df1590f1dc870d89e719f082f46d3
SHA1

7629934f3be7f21a34e3a3231607dd1347f4376f
SHA256

c9ed8a6d3e254be1e6e79bcfe66688d15bcb72b1e3edbda8d43f7e0cc341b4ee
SHA512

16a2e2c7e4d48106236c128c964341f4922362039882dfd4d83d746a342f8aba3b5d06fa08e76161aa2ba0428cfe4f502e825235b6875fa299316ec3133bd879
SSDEEP

24576:hEF9bGROxGy2oSZ3gFYJJP3XDgbgvqerAIH:U9CRDy2oAwmJJPH0b+

Score

N/A

Malware Config

Signatures

Files

c9ed8a6d3e254be1e6e79bcfe66688d15bcb72b1e3edbda8d43f7e0cc341b4ee
.exe windows x86

abff8cb043d064473e6cd72fe99bc6eb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

towlower
iswascii
wcstod
putc
_tzset
_execle
_swab
_initterm
ceil
_open
_toupper
_cputs
_memccpy
_heapset
strcmp
_cscanf

mscms

IsColorProfileTagPresent
GetColorProfileFromHandle
SetColorProfileElementReference
GetStandardColorSpaceProfileW
CreateColorTransformW
InstallColorProfileA
GetColorProfileElement
UninstallColorProfileA
RegisterCMMW
IsColorProfileValid
GetPS2ColorSpaceArray
OpenColorProfileA
CheckColors
InternalGetDeviceConfig
InternalGetPS2CSAFromLCS
AssociateColorProfileWithDeviceA
UninstallColorProfileW
ConvertIndexToColorName
CreateDeviceLinkProfile
GenerateCopyFilePaths
GetPS2ColorRenderingDictionary
GetStandardColorSpaceProfileA
EnumColorProfilesW
OpenColorProfileW
CreateColorTransformA

loadperf

BackupPerfRegistryToFileW
UnloadPerfCounterTextStringsA
InstallPerfDllA
SetServiceAsTrustedW
SetServiceAsTrustedA
LoadPerfCounterTextStringsA
LoadPerfCounterTextStringsW
UpdatePerfNameFilesW
UnloadPerfCounterTextStringsW
InstallPerfDllW
UpdatePerfNameFilesA
RestorePerfRegistryFromFileW

kernel32

GetThreadLocale
SetConsoleScreenBufferSize
_lread
GlobalUnlock
GetConsoleAliasA
ReadConsoleA
GetFileAttributesW
GetConsoleNlsMode
DebugBreak
WriteProfileStringW
InitializeCriticalSection
VirtualAlloc
CopyFileExA
WriteFile
RemoveLocalAlternateComputerNameW
GetWindowsDirectoryA
lstrcpyA
GetConsoleAliasesW
SetUserGeoID
LoadLibraryA
EnumSystemCodePagesW
GetSystemTimeAsFileTime

Sections

.text
Size: 757KB - Virtual size: 757KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abff8cb043d064473e6cd72fe99bc6eb

Headers

DLL Characteristics

File Characteristics

Imports

crtdll

mscms

loadperf

kernel32

Sections

.text Size: 757KB - Virtual size: 757KB

.rdata Size: 83KB - Virtual size: 82KB

.data Size: 3KB - Virtual size: 1.5MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 757KB - Virtual size: 757KB

.rdata
Size: 83KB - Virtual size: 82KB

.data
Size: 3KB - Virtual size: 1.5MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB