d1bcdc80d8d57b2efc9f3555e2068557b56956018a6a05251c35366c5ce4cca0

Sharing

Copy URL Twitter E-mail

General

Target

d1bcdc80d8d57b2efc9f3555e2068557b56956018a6a05251c35366c5ce4cca0
Size

92KB
MD5

b39660c75204da4df09135adcc75542b
SHA1

a887ec4b0c4767b703ed58699aa48c3225b1b411
SHA256

d1bcdc80d8d57b2efc9f3555e2068557b56956018a6a05251c35366c5ce4cca0
SHA512

335af9113330e87dbdb47e6c111c2571739686f9bc756672eac392a8e582746ef01881c30ebfac88243b976acd4de3688a3135834f3e2c48173e1875d40c8171
SSDEEP

1536:bUSya7XhBv+8tckdHdYOkHKgoKXuN8Wv6s4V1fiFD1hKOKUVpiMxYRm0/GWWchYg:ASya7hBvr+kdmnqgoQuNnv6s41KF5Ye2

Score

N/A

Malware Config

Signatures

Files

d1bcdc80d8d57b2efc9f3555e2068557b56956018a6a05251c35366c5ce4cca0
.exe windows x86

5d8a65d2cd00c0563e7370b04835cce1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

atmlib

ATMEnumFonts

advapi32

RegCreateKeyExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegSetValueExW
SetNamedSecurityInfoW
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyW
GetSecurityDescriptorDacl
RegQueryValueExA

cmdial32

AutoDialFunc

msvcrt

_wcslwr
_wcsnicmp
printf
wcsncmp
_purecall
free
strncpy
malloc
_except_handler3
wcscmp
wcsrchr
memmove
fopen
_strupr
_initterm
memcpy
sscanf
fwrite
fclose
mbstowcs
fseek
fread
wcslen
wcstombs
_strlwr
_adjust_fdiv
strstr
memset

ntdll

NtCreateFile

crypt32

RegCreateHKCUKeyExU

kernel32

CopyFileA
CreateDirectoryW
CreateFileA
GetWindowsDirectoryW
RemoveDirectoryW
QueryPerformanceCounter
TlsAlloc
UnhandledExceptionFilter
InitializeCriticalSection
WaitForSingleObject
GetTickCount
GetFileAttributesW
HeapAlloc
TlsGetValue
DeleteCriticalSection
VirtualAlloc
FreeLibrary
GetVersionExA
LocalFree
FindNextFileW
GetVersion
GetCurrentProcessId
GetSystemTimeAsFileTime
FindClose
TerminateProcess
GetSystemTime
lstrlenA
HeapFree
TlsSetValue
FreeEnvironmentStringsW
SetFileAttributesW
ExitProcess
GetEnvironmentStringsW
EnterCriticalSection
FindFirstFileW
GetDiskFreeSpaceA
GetVersionExW
GetLocalTime
SetLastError
SetEvent
CreateFileMappingW
LeaveCriticalSection
CloseHandle
WideCharToMultiByte
GetCurrentProcess
GetEnvironmentStrings
lstrlenW
SetUnhandledExceptionFilter
MapViewOfFile
DeleteFileW
GetFileAttributesA
VirtualFree
GetWindowsDirectoryA
SetFileAttributesA
CreateEventA
GetCurrentThreadId
UnmapViewOfFile
TlsFree
GetLastError
Sleep
LoadLibraryW
GetProcessHeap
LoadLibraryA
GetModuleHandleW
GetSystemDirectoryA
IsBadReadPtr
InitializeCriticalSectionAndSpinCount
GlobalMemoryStatus
FreeEnvironmentStringsA
GetProcAddress
VirtualProtect
DeviceIoControl

Sections

.textbss
Size: - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d8a65d2cd00c0563e7370b04835cce1

Headers

DLL Characteristics

File Characteristics

Imports

atmlib

advapi32

cmdial32

msvcrt

ntdll

crypt32

kernel32

Sections

.textbss Size: - Virtual size: 432KB

.text Size: 512B - Virtual size: 464B

.idata Size: 89KB - Virtual size: 88KB

.rdata Size: 512B - Virtual size: 32B

.data Size: 1024B - Virtual size: 892B

.reloc Size: 512B - Virtual size: 32B

.textbss
Size: - Virtual size: 432KB

.text
Size: 512B - Virtual size: 464B

.idata
Size: 89KB - Virtual size: 88KB

.rdata
Size: 512B - Virtual size: 32B

.data
Size: 1024B - Virtual size: 892B

.reloc
Size: 512B - Virtual size: 32B