c7baf0bf62b76ca3c0b752e19ade6d106924a984ab7f59a0774d4cf6fb7b8db1

General

Target

c7baf0bf62b76ca3c0b752e19ade6d106924a984ab7f59a0774d4cf6fb7b8db1
Size

303KB
MD5

11a2f89556ba61d3352e5b16d50d53cb
SHA1

8f631814e9cd58e8d73e7605c29c2fee41e4faa0
SHA256

c7baf0bf62b76ca3c0b752e19ade6d106924a984ab7f59a0774d4cf6fb7b8db1
SHA512

dc54590074d53caab73de21cca3d978e31dabd3e4c2bc1bcd9ba74e1fcf0bb026aed680eab8e3ea610b53cb2b63dfa65d9dec0a1dbaf59a34c64dbc244beeae8
SSDEEP

6144:q4kvtvscjZdZibrCC0VY4GYC9AGEFCssNMaOvbEpt+SHkbAWEw:qFVvsmfibrCZVY4xC9AbFCssic2SHkcW

Score

N/A

Malware Config

Signatures

Files

c7baf0bf62b76ca3c0b752e19ade6d106924a984ab7f59a0774d4cf6fb7b8db1
.exe windows x86

bc15522b34fc6c9e1388d5e4b388bca8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
FileTimeToLocalFileTime
FreeLibrary
GetCurrentProcess
LocalAlloc
BackupRead
CreateMutexW
SetPriorityClass
DeviceIoControl
WideCharToMultiByte
LeaveCriticalSection
GetPriorityClass
GetLogicalDriveStringsW
VirtualFree
GetTapeStatus
LocalFree
SetFilePointer
GlobalFree
FileTimeToSystemTime
SetFileTime
VirtualAlloc
WriteTapemark
GetVersionExW
SetCurrentDirectoryW
ReleaseSemaphore

pdh

PdhSelectDataSourceW
PdhVbOpenLog
PdhExpandCounterPathW
PdhVbGetOneCounterPath
PdhReadRawLogRecord
PdhGetDefaultPerfCounterA
PdhEnumObjectsHW
PdhEnumMachinesHW
PdhSetCounterScaleFactor
PdhGetDefaultPerfCounterW
PdhOpenQueryW

crtdll

strcoll
_lrotr
_spawnvp
is_wctype
atan2
_mbsset
strncpy
_utime
isspace
vfwprintf
toupper
_cputs
_ismbckata
_mbsncpy
iswalnum
_ismbbpunct
_strdate
vsprintf
_execve
_heapchk
ungetwc
fmod
strchr
_cexit
_ismbchira
_fpreset
_basemajor_dll
_rotl
iswlower
_ftime
_spawnle
getenv
printf
_mbsnbcmp
_strinc
strstr
_getdrive
ceil
_mbstrlen
fgetwc
mbtowc
gmtime
sscanf
_open_osfhandle
_sys_errlist
_ltow
setbuf
iswdigit
_rmdir
gets
log10
_except_handler2
setvbuf
_futime
_unloaddll
_tzset
iswascii
atexit
exit
_execle
_execv
_mbsrev
_yn
mbstowcs
_strupr
_baseversion_dll
_loaddll
wcscat
signal
_strdup
_tolower
raise
fputs
memchr

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 171KB - Virtual size: 880KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc15522b34fc6c9e1388d5e4b388bca8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

pdh

crtdll

Sections

.text Size: 99KB - Virtual size: 99KB

.data Size: 31KB - Virtual size: 31KB

.rsrc Size: 171KB - Virtual size: 880KB

.text
Size: 99KB - Virtual size: 99KB

.data
Size: 31KB - Virtual size: 31KB

.rsrc
Size: 171KB - Virtual size: 880KB