c1ef7dbb3843f59001c9a1dfa318aca915833f8846e7f5ed640894f8ad6da309

General

Target

c1ef7dbb3843f59001c9a1dfa318aca915833f8846e7f5ed640894f8ad6da309
Size

180KB
MD5

d99a0ef998c8ce50d2314715d4730d72
SHA1

1a02f34d44cbb7dfb611a1b0285e6ad48f840efb
SHA256

c1ef7dbb3843f59001c9a1dfa318aca915833f8846e7f5ed640894f8ad6da309
SHA512

2338fe4c40d73f8bed1e40477db2ef3128f408a39724b05e0bc48b1ac233a511e6e015ee0a294d35d1b1a5e1e40c22be9fbb76608858a4c21597bf25cd1fb134
SSDEEP

3072:KUIuQ12dnZ+KxiaG4RkCI6mXbIOgd4iWMcUd3tOrx4/DIEIkE/9QklYmaa/d7X:K5u22dnZ+KxFT5IJLNgd4iWTUdkG/DTO

Score

N/A

Malware Config

Signatures

Files

c1ef7dbb3843f59001c9a1dfa318aca915833f8846e7f5ed640894f8ad6da309
.exe windows x86

7b0716c7cf75c9509523b7c40f866842

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cabinet

ord14
ord10
ord12

pdh

PdhComputeCounterStatistics
PdhConnectMachineA
PdhCreateSQLTablesA
PdhEnumLogSetNamesA
PdhGetDataSourceTimeRangeA
PdhGetLogFileSize
PdhGetRawCounterArrayA
PdhGetRawCounterValue
PdhLookupPerfIndexByNameA
PdhLookupPerfNameByIndexA

winscard

SCardBeginTransaction
SCardConnectA
SCardControl
SCardDisconnect
SCardForgetReaderA
SCardIntroduceReaderGroupA
SCardListReadersA
SCardLocateCardsA
SCardLocateCardsByATRA
SCardReconnect
SCardReleaseContext
SCardReleaseStartedEvent
SCardState
SCardStatusA
SCardTransmit

kernel32

GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
IsBadWritePtr
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
HeapAlloc
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
SetTapePosition
GetSystemWindowsDirectoryA
ResetEvent
PulseEvent
CreateEventA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 664KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b0716c7cf75c9509523b7c40f866842

Headers

File Characteristics

Imports

cabinet

pdh

winscard

kernel32

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 84KB - Virtual size: 82KB

.data Size: 60KB - Virtual size: 664KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 84KB - Virtual size: 82KB

.data
Size: 60KB - Virtual size: 664KB

.reloc
Size: 8KB - Virtual size: 6KB