d3b749ae478eded9e0a4fc93dac3bdd04c4a4e647ba175f4b418e24c979caeb3

Sharing

Copy URL Twitter E-mail

General

Target

d3b749ae478eded9e0a4fc93dac3bdd04c4a4e647ba175f4b418e24c979caeb3
Size

293KB
MD5

c15076e7f1870f6b1bea2ff2f835e0b5
SHA1

b212fee1975a32c35f7c184181389482ab6f17a8
SHA256

d3b749ae478eded9e0a4fc93dac3bdd04c4a4e647ba175f4b418e24c979caeb3
SHA512

660e2f73616b6d2b2760d1e269ec464548758cfcec22a6174df23f1f9ca0a4fcdd9060a2c4a94c5f05e5e3eeb30e5e66dc2a512ab6a9d36403356ad912d8ccd1
SSDEEP

6144:Cz/NdwwUOPxKlpkHFB8uNqjHM16YmxgT9gAGfMTcYTr+9lXTI:Cz17D+fjHMjmc9MfM1P+9t0

Score

N/A

Malware Config

Signatures

Files

d3b749ae478eded9e0a4fc93dac3bdd04c4a4e647ba175f4b418e24c979caeb3
.exe windows x86

01e329968da902dcc247efd3b6160baf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathA

kernel32

GetUserDefaultLCID
HeapAlloc
HeapDestroy
WriteFile
HeapSize
FormatMessageA
GetFileType
GetSystemInfo
ReleaseMutex
GetACP
FreeEnvironmentStringsW
WaitForSingleObject
VirtualFree
DeleteCriticalSection
OutputDebugStringA
LCMapStringA
TerminateThread
GetCurrentDirectoryA
LCMapStringW
GetOEMCP
LeaveCriticalSection
IsBadCodePtr
TlsAlloc
TlsSetValue
GetStdHandle
VirtualQuery
TryEnterCriticalSection
GetLocalTime
lstrcmpiA
CreateFileA
CreateMutexA
SetHandleCount
HeapReAlloc
FreeLibrary
LocalFree
FreeEnvironmentStringsA
VirtualProtect
EnumSystemLocalesA
CreateDirectoryA
WideCharToMultiByte
SetLastError
LoadLibraryExA
UnhandledExceptionFilter
ReadFile
GetCommandLineA
FlushFileBuffers
SetFilePointer
IsValidCodePage
TlsFree
GetCurrentThreadId
SetEndOfFile
IsValidLocale
EnterCriticalSection
RtlUnwind
SetUnhandledExceptionFilter
CloseHandle
DeleteFileA
VirtualAlloc
GetModuleHandleA
SetStdHandle
TlsGetValue
RaiseException
GetSystemTimeAsFileTime
HeapFree
SetErrorMode
VirtualAllocEx

user32

MessageBoxA
GetSystemMetrics

advapi32

ImpersonateSelf
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RevertToSelf
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExA

rpcrt4

UuidToStringA
RpcStringFreeA
UuidCreate

oleaut32

SysFreeString
SysAllocStringByteLen

ole32

CoInitializeEx
CoCreateInstance
CoUninitialize

rtm

RtmCloseEnumerationHandle
RtmBlockSetRouteEnable
RtmReleaseNextHops
RtmFindNextHop
RtmGetMostSpecificDestination
MgmDeRegisterMProtocol
RtmGetRegisteredEntities
RtmReleaseNextHopInfo
RtmCreateRouteEnum
RtmInvokeMethod
MgmGetMfeStats

wsnmp32

SnmpSetTimeout
SnmpSetPduData
SnmpDecodeMsg

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 265KB - Virtual size: 431KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01e329968da902dcc247efd3b6160baf

Headers

File Characteristics

Imports

shell32

kernel32

user32

advapi32

rpcrt4

oleaut32

ole32

rtm

wsnmp32

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 265KB - Virtual size: 431KB

.rsrc Size: 4KB - Virtual size: 6KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 265KB - Virtual size: 431KB

.rsrc
Size: 4KB - Virtual size: 6KB