18742 Dec 01[.]vhd

Resubmissions

12-12-2022 14:44

221212-r4hl7aec7w 10

09-12-2022 20:54

221209-zpzwxshb4y 10

02-12-2022 06:24

221202-g6c5daed8w 10

Sharing

Copy URL

Twitter E-mail

General

Target

18742 Dec 01.vhd
Size

80.0MB
MD5

f997ed3ef5bfa00bfd6407b83083f210
SHA1

6c2b807f32936292251462a9fec2d30f95c2d36f
SHA256

50df969f412391ca19609bbeeac268a4cf97ed8cc605fbfeddcb628373a637d9
SHA512

5eef91ba9f51a0f9c5905bc99de1b2804407fb5e0e7417184044b0b896c0ad4044eacfad25831d219145124276fd91203f2ea790300bf2a098392cd770aa1aba
SSDEEP

12288:qSUUEfo5I6/o2qgkpUdW9Msme0CWUdOWk4F:qSTiWDvLORme0C0Wk4

Score

N/A

Malware Config

Signatures

Files

18742 Dec 01.vhd
.vhd .dmg macos
out.vhd
.vhd .dmg macos
119.dll
.dll windows x86

f5633f396eec7e92c6df8dee7361a7f9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CreateFileA
WriteFile
CloseHandle
HeapCreate
TryEnterCriticalSection
CreateThread
ResumeThread
GetModuleFileNameA
GetCurrentProcessId
SetEndOfFile
CreateFileMappingA
MapViewOfFile
CreateNamedPipeA
CallNamedPipeA
ConnectNamedPipe
FreeEnvironmentStringsW
DeleteCriticalSection
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
HeapAlloc
GetLastError
HeapFree
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
FreeLibrary
GetProcAddress
LoadLibraryExW
LCMapStringW
GetStdHandle
GetFileType
GetStartupInfoW
SetLastError
GetCurrentThreadId
GetProcessHeap
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
SetStdHandle
MultiByteToWideChar
GetCPInfo
WideCharToMultiByte
IsValidCodePage
GetACP
GetOEMCP
SetFilePointerEx
GetStringTypeW
ExitProcess
GetModuleHandleW
GetModuleHandleExW
ReadFile
ReadConsoleW
GetModuleFileNameW
CreateFileW
WriteConsoleW
DecodePointer
RaiseException
HeapSize
HeapReAlloc
QueryPerformanceCounter
InitializeSListHead
RtlUnwind
InterlockedFlushSList
FindClose
FindFirstFileExW
FindNextFileW
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW

Exports

Exports

AfO899
CYvxX
DrawThemeIcon
LHWo914
TJqi910
XULm3

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 326KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
18742 Dec 01.lnk
.lnk
System Volume Information/IndexerVolumeGuid
System Volume Information/WPSettings.dat

Resubmissions

Sharing

General

Malware Config

Signatures

Files

f5633f396eec7e92c6df8dee7361a7f9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 103KB - Virtual size: 103KB

.rdata Size: 159KB - Virtual size: 159KB

.data Size: 326KB - Virtual size: 328KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 103KB - Virtual size: 103KB

.rdata
Size: 159KB - Virtual size: 159KB

.data
Size: 326KB - Virtual size: 328KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 4KB