cb5aa1667a163444f04bb2b8c661bad8201a2a40a16fa3cf887f4a35075e303d

Sharing

Copy URL Twitter E-mail

General

Target

cb5aa1667a163444f04bb2b8c661bad8201a2a40a16fa3cf887f4a35075e303d
Size

72KB
MD5

ac289d7e1a9f2339b8b16dd4abb635a8
SHA1

5252e11f9aab77a262dd3a1893be8436da910d50
SHA256

cb5aa1667a163444f04bb2b8c661bad8201a2a40a16fa3cf887f4a35075e303d
SHA512

f4c0ee823526c0b238ff821b58e06e92bed61cfe4fe0d7a89491fad11bb96f9c57e54ddbe0b7f1cbce8d92ae6834927753cb784097b51a1e51c2d0db210db4e9
SSDEEP

1536:yC85PMWqj9pPYkTmEpU4qk8e+PfMYtgv4d1zr84blw6mo636L/ReOupo7wAzOJ:IG1j9S2cTxPf9gv4dN8PgqKJeOuahaJ

Score

N/A

Malware Config

Signatures

Files

cb5aa1667a163444f04bb2b8c661bad8201a2a40a16fa3cf887f4a35075e303d
.exe windows x86

ed4abe7847d59b85b2ff3d3e3dd2459b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

w32topl

ToplSTHeapExtractMin
ToplGraphDestroy
ToplGraphRemoveVertex
ToplHeapExtractMin
ToplFree
ToplVertexDestroy
ToplListRemoveElem
ToplGetSpanningTreeEdgesForVtx
ToplScheduleCreate
ToplScheduleNumEntries
ToplListNumberOfElements
ToplVertexSetParent
ToplScheduleDuration
ToplAddEdgeSetToGraph
ToplEdgeGetToVertex
ToplHeapCreate

atmlib

ATMAddFontExA
ATMAddFontA
ATMFontStatus
ATMEnumMMFontsW
ATMAddFontW
ATMGetNtmFieldsW
ATMEnumFontsA
ATMRemoveFontA
ATMGetNtmFields
ATMGetGlyphListW
ATMFontAvailableW
ATMProperlyLoaded
ATMEnumFonts
ATMClient
ATMMakePFMA

advapi32

CryptExportKey
SystemFunction017
CryptGenKey
OpenSCManagerW
CredpConvertTargetInfo
StartTraceW
CredEnumerateW
LsaQueryForestTrustInformation
LsaICLookupNames
GetKernelObjectSecurity
CredReadDomainCredentialsA
LsaLookupNames
CredIsMarshaledCredentialW
LsaGetQuotasForAccount
ConvertStringSidToSidW
SetNamedSecurityInfoExW
LogonUserExA
CryptGetProvParam
RegGetKeySecurity

kernel32

GetThreadPriority
GetConsoleCommandHistoryLengthA
LoadLibraryA
GetProfileStringW
ExitProcess
GetCurrentThread
GetThreadTimes
OutputDebugStringA
WaitForMultipleObjectsEx
GetFirmwareEnvironmentVariableA
HeapFree
WriteProfileSectionW
RegisterConsoleOS2
SetVolumeLabelA
HeapCreate
SetConsolePalette
LocalSize
QueryMemoryResourceNotification
GetCommandLineA
MapViewOfFileEx
GetStartupInfoA
GetStringTypeA
VirtualAlloc
CreateHardLinkA
WaitNamedPipeA
WTSGetActiveConsoleSessionId
GetPrivateProfileSectionNamesW
GetConsoleHardwareState
SetLocaleInfoA
GetConsoleAliasExesLengthA
GetBinaryTypeA
GetFileSize

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed4abe7847d59b85b2ff3d3e3dd2459b

Headers

File Characteristics

Imports

w32topl

atmlib

advapi32

kernel32

Sections

.text Size: 65KB - Virtual size: 65KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 142KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 65KB - Virtual size: 65KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 142KB

.rsrc
Size: 2KB - Virtual size: 1KB