dc4d98ce8d7da181e243b9cf7bcd0ae19bf123e06782e50f09a64ef21761a167

Sharing

Copy URL Twitter E-mail

General

Target

dc4d98ce8d7da181e243b9cf7bcd0ae19bf123e06782e50f09a64ef21761a167
Size

49KB
MD5

fe44c67ac787e0d115f9ed78eafc8b15
SHA1

a292d23b80132fb8b7c0ec2d9be56c1c59f27831
SHA256

dc4d98ce8d7da181e243b9cf7bcd0ae19bf123e06782e50f09a64ef21761a167
SHA512

77163b0eedc9c01897240e2fd147c83f1488544fd6521ac75069d064b428ecc835dcaad3cd8dd9f6af334f07c99f34bbc715b2988e94f99b83993aa1d0297514
SSDEEP

768:ZkA+1WWUFQZGTr2TcFnOshzewqc9i0u/2FcuojJOkMOyVQ9R1H5zzkR6:ZJ+1JUe2n3Q4i0ILu0JdnzzkR6

Score

N/A

Malware Config

Signatures

Files

dc4d98ce8d7da181e243b9cf7bcd0ae19bf123e06782e50f09a64ef21761a167
.exe windows x86

a1e1a62c9158c109471397a78104a255

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleOutputCharacterW
GetLocaleInfoA
VirtualAlloc
SetUnhandledExceptionFilter
WritePrivateProfileStructW
GetStartupInfoA
GetTapeParameters
FatalExit
InitializeCriticalSectionAndSpinCount
SetEndOfFile
RemoveDirectoryA
DeleteVolumeMountPointW
SetSystemPowerState
LZRead
LockFile
RestoreLastError
UnlockFile
FindAtomA
LoadLibraryA
GetFileTime
SetLocalPrimaryComputerNameA
WriteProcessMemory
IsValidLocale
SuspendThread
ClearCommError
GetDiskFreeSpaceExW
CreateSemaphoreA
DefineDosDeviceW
GetVersionExA
SetMailslotInfo
GetSystemWindowsDirectoryW
GetAtomNameW
UnregisterWait

untfs

?Read@NTFS_ATTRIBUTE@@QAEEPAXVBIG_INT@@KPAK@Z
?CopyIterator@NTFS_INDEX_TREE@@QAEEPAV1@@Z
?Initialize@NTFS_CLUSTER_RUN@@QAEEPAVMEM@@PAVLOG_IO_DP_DRIVE@@VBIG_INT@@KK@Z
?QueryFlags@NTFS_MFT_INFO@@SGEPAXG@Z
?IsDosName@NTFS_SA@@SGEPBU_FILE_NAME@@@Z
??1NTFS_ATTRIBUTE_DEFINITION_TABLE@@UAE@XZ
?Initialize@NTFS_BAD_CLUSTER_FILE@@QAEEPAVNTFS_MASTER_FILE_TABLE@@@Z
?QueryVolumeFlagsAndLabel@NTFS_SA@@QAEGPAE00PAVWSTRING@@@Z
?Initialize@NTFS_UPCASE_FILE@@QAEEPAVNTFS_MASTER_FILE_TABLE@@@Z
?WriteRemainingBootCode@NTFS_SA@@QAEEXZ
??1NTFS_ATTRIBUTE@@UAE@XZ
?Flush@NTFS_MFT_FILE@@QAEEXZ
?Initialize@NTFS_EXTENT_LIST@@QAEEVBIG_INT@@0@Z
??1NTFS_SA@@UAE@XZ
??1NTFS_BITMAP_FILE@@UAE@XZ
?ReadList@NTFS_ATTRIBUTE_LIST@@QAEEXZ
?CompareFileName@NTFS_MFT_INFO@@SGEPAXKPAU_FILE_NAME@@PAG@Z
?Initialize@NTFS_BOOT_FILE@@QAEEPAVNTFS_MASTER_FILE_TABLE@@@Z
?QueryLcnFromVcn@NTFS_EXTENT_LIST@@QBEEVBIG_INT@@PAV2@1@Z
?Initialize@NTFS_FILE_RECORD_SEGMENT@@QAEEVBIG_INT@@KPAVNTFS_MASTER_FILE_TABLE@@@Z
?QuerySegmentReference@NTFS_MFT_INFO@@SG?AU_MFT_SEGMENT_REFERENCE@@PAX@Z
?SetVolumeFlag@NTFS_SA@@QAEEGPAE@Z
??0NTFS_SA@@QAE@XZ
??0NTFS_EXTENT_LIST@@QAE@XZ
??1NTFS_BOOT_FILE@@UAE@XZ
??0NTFS_ATTRIBUTE@@QAE@XZ
??1NTFS_ATTRIBUTE_LIST@@UAE@XZ
??0NTFS_UPCASE_FILE@@QAE@XZ
??1NTFS_UPCASE_FILE@@UAE@XZ
?Initialize@NTFS_ATTRIBUTE_RECORD@@QAEEPAVIO_DP_DRIVE@@PAX@Z
??0NTFS_UPCASE_TABLE@@QAE@XZ
?QueryFileSizes@NTFS_FILE_RECORD_SEGMENT@@QAEEPAVBIG_INT@@0PAE@Z
?ResetIterator@NTFS_INDEX_TREE@@QAEXXZ

crtdll

_futime
_gcvt
_yn
_getch
_ismbclegal
fseek
_ecvt
_statusfp
wcsncat
_ismbbgraph
_itow
fwrite
_read
__doserrno
time
_execvp
_mbsicmp
_mbsupr
isprint
_fpreset
strncpy
_cabs
_basemajor_dll
_mbsnbcnt
wcsrchr
getenv
putc
remove
_wtol
_CIcosh

gdi32

DdEntry38
RoundRect
GetCharWidthFloatW
DdEntry40
SelectClipPath
EngMultiByteToWideChar
GetPath
DdEntry32
SetEnhMetaFileBits
GetFontAssocStatus
SelectBrushLocal
GetFontResourceInfoW
GdiEntry2
GetAspectRatioFilterEx
RemoveFontResourceTracking
FONTOBJ_pvTrueTypeFontFile
GetOutlineTextMetricsW
CloseMetaFile
GdiConvertBitmapV5
FONTOBJ_vGetInfo
GdiIsMetaPrintDC
BRUSHOBJ_ulGetBrushColor
GetNearestColor
SetMetaRgn
DdEntry37
GetTextExtentExPointWPri
LPtoDP
FlattenPath
CreateHalftonePalette
XLATEOBJ_iXlate
GetCharWidth32A

user32

User32InitializeImmEntryTable
CallMsgFilterA
RealGetWindowClassW
ToAscii
GetSystemMenu
FillRect
UnregisterUserApiHook
ValidateRgn
SetWindowTextA
FlashWindow
IsWindowInDestroy
GetDlgCtrlID
ChangeDisplaySettingsExW
UnregisterClassW
CopyIcon
UserRealizePalette
PostThreadMessageA
WaitMessage
CreateCursor
CtxInitUser32
CreateIconFromResourceEx
CreateAcceleratorTableW
ModifyMenuA
IsCharLowerA
CharPrevW
DrawAnimatedRects

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1e1a62c9158c109471397a78104a255

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

untfs

crtdll

gdi32

user32

Sections

.text Size: 38KB - Virtual size: 38KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 3KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 38KB - Virtual size: 38KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB