d89e8e3248b5ce5f7a5f9dbd64f3d3fadb2ac5983aba240c496a32f03cefc4cf

Sharing

Copy URL

Twitter E-mail

General

Target

d89e8e3248b5ce5f7a5f9dbd64f3d3fadb2ac5983aba240c496a32f03cefc4cf
Size

915KB
MD5

198f8b51353ba6c2473297958b2f4730
SHA1

3a95ceefa3963668b3d6d7127cc2c6be50be1174
SHA256

d89e8e3248b5ce5f7a5f9dbd64f3d3fadb2ac5983aba240c496a32f03cefc4cf
SHA512

135ed02aaa62dc0a2be20c1859567e0e8c02181703084beaa4d14850b7b3db3b1fff1157494ae58ec3454796ba9f1095f2685915991ffffe26d4358ec1fd8681
SSDEEP

6144:j9JUm2y14qmQJqapPTJfk2PHnxS8VDJiNzYiAOMv:xJLmQJxJfk2fxVJuu

Score

N/A

Malware Config

Signatures

Files

d89e8e3248b5ce5f7a5f9dbd64f3d3fadb2ac5983aba240c496a32f03cefc4cf
.exe windows x86

7085c56a5817ef299666de81dd542668

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileW
EnumSystemLanguageGroupsW
GetFileInformationByHandle
GetVolumeNameForVolumeMountPointW
GlobalSize
HeapDestroy
IsBadStringPtrW
LoadLibraryW
MoveFileExW
ReadFile
SetConsoleCP
TlsSetValue
WaitForSingleObjectEx
WriteConsoleOutputAttribute
lstrcpyW
VirtualAlloc
CloseHandle
GetDefaultCommConfigA
HeapCreate
ReadConsoleOutputAttribute
lstrlenW
DisableThreadLibraryCalls
EnumDateFormatsW
FindResourceW
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetProcAddress
GetProcessHeap
GetSystemTimeAsFileTime
GetTapeStatus
GetTickCount
GetVersionExA
GetVolumePathNameA
GlobalMemoryStatus
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
LoadLibraryExW
LoadResource
OpenEventW
QueryPerformanceCounter
RaiseException
SetCommConfig
SetEvent
SizeofResource
Sleep
WriteFile
_lopen
lstrcmpiW
lstrcpy
AreFileApisANSI
CreateConsoleScreenBuffer
CreateJobObjectW
DnsHostnameToComputerNameW
FreeResource
GetExitCodeProcess
MoveFileWithProgressA
SetHandleInformation
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
GetLastError
LCMapStringW
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
SetFileAttributesA
GetFileAttributesA
RtlUnwind
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
CreateDirectoryW
HeapAlloc
HeapFree
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetTimeFormatA
GetDateFormatA
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
FindFirstFileW
FindNextFileW
HeapReAlloc
PeekNamedPipe
GetFileType
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
GetCurrentDirectoryA
GetFullPathNameA
GetLogicalDrives
HeapValidate
GetFileAttributesW
GetLocaleInfoA
GetCPInfo
VirtualProtect
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsGetValue
VirtualFree
GetACP
GetOEMCP
SetCurrentDirectoryA
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEnvironmentVariableW
IsBadWritePtr
SetStdHandle
GetStringTypeA
GetStringTypeW
CreateFileA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetTimeZoneInformation
WaitForSingleObject
CreateProcessA
InitializeCriticalSection
HeapSize
FindNextFileA
CreateFileW
WriteConsoleA
LoadLibraryA
SetFilePointer
SetEndOfFile
FlushFileBuffers
SetConsoleCtrlHandler
GetLocaleInfoW

ole32

SNB_UserFree
OleQueryCreateFromData
OleNoteObjectVisible
HMETAFILE_UserMarshal
HMETAFILEPICT_UserFree
HICON_UserMarshal
CreateDataAdviseHolder
CoRegisterMallocSpy
STGMEDIUM_UserFree
HMETAFILE_UserFree
HENHMETAFILE_UserFree
FreePropVariantArray
CoUnmarshalHresult
OleRegEnumFormatEtc
CoTestCancel
HGLOBAL_UserMarshal
CoGetCurrentLogicalThreadId

oleaut32

VarMonthName
VarDateFromI4
VarBoolFromI2
SafeArrayUnlock
VariantTimeToDosDateTime
VarUI4FromI4
VarI1FromUI2
VarBstrFromUI4
VarBoolFromCy
SafeArrayRedim
VarUI2FromStr
VarCyFromBool

rpcrt4

I_RpcReallocPipeBuffer
I_RpcBindingInqWireIdForSnego
RpcSmFree
NdrServerInitializeMarshall
NdrProxySendReceive
I_RpcServerAllocateIpPort
RpcMgmtIsServerListening
RpcServerUseProtseqA
RpcSmDisableAllocate
NdrConformantArrayMemorySize
NdrConformantArrayMarshall
MesHandleFree
I_RpcAsyncSetHandle
NdrDllGetClassObject
IUnknown_Release_Proxy
RpcServerUseProtseqIfA
RpcObjectSetType
NdrStubCall2
RpcBindingInqAuthInfoExA

shell32

SHGetFolderLocation
SHBrowseForFolderA
SHAppBarMessage
InternalExtractIconListA
DragQueryFileW
SHGetFileInfoW
ShellExecuteW

Sections

.text
Size: 224KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 276KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 408KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7085c56a5817ef299666de81dd542668

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

rpcrt4

shell32

Sections

.text Size: 224KB - Virtual size: 222KB

.rdata Size: 276KB - Virtual size: 274KB

.data Size: 408KB - Virtual size: 416KB

.text
Size: 224KB - Virtual size: 222KB

.rdata
Size: 276KB - Virtual size: 274KB

.data
Size: 408KB - Virtual size: 416KB