d8dc719bb36031f81e4e6755be0c00a942f4ca6b5c9e86bf7e00c311f6862502

Sharing

Copy URL Twitter E-mail

General

Target

d8dc719bb36031f81e4e6755be0c00a942f4ca6b5c9e86bf7e00c311f6862502
Size

793KB
MD5

f7572f77cf0eacd08e0bc9a160df8ba0
SHA1

1d1d52542c4cd146052af442a67b7b921066dd74
SHA256

d8dc719bb36031f81e4e6755be0c00a942f4ca6b5c9e86bf7e00c311f6862502
SHA512

9955e8687e269de3899262b5e71e24bcdbb9f8accff7f91df588fbf72ce59c3014ef1ca9364bb3e540bdd7db2de05c37ac7b12e94553d667866354858de7922c
SSDEEP

12288:OTi8MrQ4H5U1oP4BMKJN0OgsidNK2EMzVSsNWmzG/Rlb3Dt1rYJoqT6dB6qT:7M8U1oPFg0AidsVMz1glvt1cWdBzT

Score

N/A

Malware Config

Signatures

Files

d8dc719bb36031f81e4e6755be0c00a942f4ca6b5c9e86bf7e00c311f6862502
.exe windows x86

989e31fafaefdacf63ce0a7283290a2d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
GetFileSize
SetConsoleMaximumWindowSize
LockResource
WriteTapemark
RtlFillMemory
ExitProcess
GetNumberOfConsoleMouseButtons
LocalUnlock
VirtualAlloc
OpenProcess
CreateSocketHandle
SetLastError
AllocConsole
SetHandleInformation
GetDiskFreeSpaceExA
IsValidLocale
CommConfigDialogW
CreateTapePartition
WriteProfileSectionW
OutputDebugStringW
IsDebuggerPresent
GlobalDeleteAtom
SetFirmwareEnvironmentVariableA
LoadLibraryA
OutputDebugStringA
LZCopy
GetProfileStringA
ReadConsoleInputExW
GetEnvironmentStringsW
GetStdHandle
MulDiv
GetCommTimeouts

msvcirt

?x_statebuf@ios@@0PAJA
??_Elogic_error@@UAEPAXI@Z
??5istream@@QAEAAV0@AAG@Z
?x_curindex@ios@@0HA
??4strstreambuf@@QAEAAV0@ABV0@@Z
??_Gstrstreambuf@@UAEPAXI@Z
??Bios@@QBEPAXXZ
?good@ios@@QBEHXZ
??5istream@@QAEAAV0@AAC@Z
??0strstreambuf@@QAE@ABV0@@Z
??0iostream@@QAE@PAVstreambuf@@@Z
?ebuf@streambuf@@IBEPADXZ
?lockptr@streambuf@@IAEPAU_CRT_CRITICAL_SECTION@@XZ
??0istream_withassign@@QAE@XZ
??5istream@@QAEAAV0@PAD@Z
?put@ostream@@QAEAAV1@C@Z
??5istream@@QAEAAV0@AAK@Z
??6ostream@@QAEAAV0@O@Z
??_7strstreambuf@@6B@
??1strstreambuf@@UAE@XZ
?setmode@fstream@@QAEHH@Z
??1stdiobuf@@UAE@XZ
?clrlock@ios@@QAAXXZ

ntdll

_memicmp
ZwSetInformationDebugObject
DbgPrompt
ZwQueueApcThread
strcpy
RtlDeleteSecurityObject
RtlCompareString
RtlDeleteRegistryValue
RtlCopyString
RtlApplicationVerifierStop
NtFilterToken
RtlCopyLuid
NtSetLdtEntries
RtlTryEnterCriticalSection
NtQueryIntervalProfile
ZwCancelTimer
NtPrivilegeCheck
strcmp
RtlAllocateHeap
NtOpenProcessToken
ZwWaitForKeyedEvent

advapi32

ElfOpenBackupEventLogA
ChangeServiceConfigA
LookupPrivilegeDisplayNameW
ElfOldestRecord
ObjectPrivilegeAuditAlarmA
SystemFunction030
LsaLookupPrivilegeDisplayName
ProcessTrace
CryptGetProvParam
QueryUsersOnEncryptedFile
SetInformationCodeAuthzLevelW
CredFree
CreateRestrictedToken
ConvertSecurityDescriptorToAccessW
GetTrusteeNameA
ElfChangeNotify
EnumServicesStatusW
GetSidSubAuthorityCount
SystemFunction040
QueryTraceA
LsaCreateTrustedDomainEx
CreateCodeAuthzLevel
RegQueryMultipleValuesA
WmiNotificationRegistrationW
LsaRetrievePrivateData

Sections

.text
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

989e31fafaefdacf63ce0a7283290a2d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcirt

ntdll

advapi32

Sections

.text Size: 228KB - Virtual size: 228KB

.rdata Size: 282KB - Virtual size: 281KB

.data Size: 279KB - Virtual size: 1.5MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 228KB - Virtual size: 228KB

.rdata
Size: 282KB - Virtual size: 281KB

.data
Size: 279KB - Virtual size: 1.5MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB