877096f5d9473d42d3520a3fe01c9bc8d785abcfa753fb74f938ee9f713eff9f

Sharing

Copy URL Twitter E-mail

General

Target

877096f5d9473d42d3520a3fe01c9bc8d785abcfa753fb74f938ee9f713eff9f
Size

200KB
MD5

9f79b59e3fbb12fa4794bf5fc4283d41
SHA1

9ddf73507ad3ca9c2735ccd18b07b3b962fb5311
SHA256

877096f5d9473d42d3520a3fe01c9bc8d785abcfa753fb74f938ee9f713eff9f
SHA512

0fca61736d9507c0da703fbcd2c1bd7acd02d430be33859daddcb694129dade6f60f233784dba7b669db7679a322f233c1380f9c7474da44af677b7b9d782883
SSDEEP

3072:wdQKP8Uj12KXEwuqd6bSHnvxKhSuXL5JW5Fu1GfEsYhqCO0S5lyomEKrKyA3:nU//uqd6bSHvxEpQ0GfEseAlyoDoKy2

Score

N/A

Malware Config

Signatures

Files

877096f5d9473d42d3520a3fe01c9bc8d785abcfa753fb74f938ee9f713eff9f
.exe windows x86

536073ef3ca608b95d920411e6475e46

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msctf

TF_CreateCategoryMgr
TF_CreateThreadMgr
TF_CreateInputProcessorProfiles
TF_GetGlobalCompartment
TF_InvalidAssemblyListCacheIfExist
TF_GetThreadMgr
TF_PostAllThreadMsg
TF_InitSystem
TF_UninitSystem
TF_CreateLangBarItemMgr
TF_IsCtfmonRunning
TF_CreateLangBarMgr
TF_CreateDisplayAttributeMgr
TF_GetThreadFlags
TF_CreateCicLoadMutex

kernel32

GetACP
RequestWakeupLatency
BeginUpdateResourceW
InitAtomTable
BuildCommDCBAndTimeoutsA
GetCurrencyFormatA
GetCalendarInfoA
HeapCreate
VirtualAlloc
FreeUserPhysicalPages
OpenMutexW
TransmitCommChar
FindFirstVolumeMountPointA
FileTimeToDosDateTime
GetThreadPriorityBoost
SetTapePosition
ReadConsoleOutputAttribute
SetLocaleInfoW
GetConsoleInputWaitHandle
LoadLibraryA
LocalAlloc
ReplaceFileW
VDMConsoleOperation
lstrcpynW
SetVolumeMountPointA
GetSystemTimeAsFileTime
lstrlen

ntdll

ZwFlushInstructionCache
ZwOpenSemaphore
NtFsControlFile
NtSetIoCompletion
ZwSetInformationKey
ZwReadRequestData
NtTerminateThread
NtDeleteFile
RtlDllShutdownInProgress
NtNotifyChangeKey
LdrUnloadDll
RtlCreateQueryDebugBuffer
ZwRaiseException
ZwSaveMergedKeys
NtCreateMailslotFile
NtQueryTimerResolution
NtCreateToken
_strupr
ZwCreateJobObject

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PACK
Size: 160KB - Virtual size: 416KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

536073ef3ca608b95d920411e6475e46

Headers

DLL Characteristics

File Characteristics

Imports

msctf

kernel32

ntdll

Sections

.text Size: 33KB - Virtual size: 32KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 35KB

.rsrc Size: 1KB - Virtual size: 1KB

PACK Size: 160KB - Virtual size: 416KB

.text
Size: 33KB - Virtual size: 32KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 35KB

.rsrc
Size: 1KB - Virtual size: 1KB

PACK
Size: 160KB - Virtual size: 416KB