cf8c22e7b6a7feeba2121fe75f883fda419602fe3bac897cc569093a1e5bf2ef

Sharing

Copy URL

Twitter E-mail

General

Target

cf8c22e7b6a7feeba2121fe75f883fda419602fe3bac897cc569093a1e5bf2ef
Size

402KB
MD5

8df08089ebdc1a64ebe342d798178b57
SHA1

090c48fc60c1ea84edc5d27cf432d8915a5ec80d
SHA256

cf8c22e7b6a7feeba2121fe75f883fda419602fe3bac897cc569093a1e5bf2ef
SHA512

c9599bb04be1d63b8e70189e86b64db6ab652f188bd7e6e57ff16a64917668682fdbf932cc5ed92b2d1f0857a2d7f752968e4b1171d051475b0bf6d03b53456b
SSDEEP

12288:6Oz9P8RUoJNCVmg2VURce4s7KD5DuuBWmYR:7o2mgisc1uuBWn

Score

N/A

Malware Config

Signatures

Files

cf8c22e7b6a7feeba2121fe75f883fda419602fe3bac897cc569093a1e5bf2ef
.exe windows x86

8927061f332466c7113c22a49d7f4282

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

nmi

??1nCException@@QAE@XZ
ord3
?GetString@nCException@@QBEXAAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
ord4
?GetErrcode@nCException@@QBEXAAW4tagERRCODE@@@Z
ord1
ord2
??0nCNMIException@@QAE@I@Z
?GetString@nCException@@QBEXPAG@Z
??1nCNMIException@@QAE@XZ

nv_common

?LogFatal@nCCGILog@@QAA_NHPAG00JPBGZZ
ord19
?Initialize@nCLog@@QAEXIIPBG0@Z
?LogTrace@nCCGILog@@QAA_NHPAG00JPBGZZ
?TO_FILE@nCLog@@2IB
??1nCCGILog@@QAE@XZ
?LogError@nCCGILog@@QAA_NHPAG00JPBGZZ
??0nCCGILog@@QAE@XZ

specialcase

?GetSpecialVersionInfo@@YAXQAG00@Z
??0nCSpecialCase@@QAE@PAVnCNMI@@ABUtagAccessHandle@@@Z
?SPGetValue@nCSpecialCase@@QAGXAAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@PAVnCManagedObject@@@Z

iphlpapi

GetAdaptersInfo
GetNumberOfInterfaces

kernel32

SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
ReadFile
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetSystemDefaultLangID
GetModuleFileNameW
GetComputerNameW
CloseHandle
CreateFileW
MultiByteToWideChar
WideCharToMultiByte
GetVersionExA
GetEnvironmentVariableA
GetACP
GetOEMCP
SetEnvironmentVariableA
LoadLibraryA
CreateFileA
SetEndOfFile
GetProcAddress
RtlUnwind
RaiseException
HeapFree
GetLastError
GetTimeZoneInformation
GetLocaleInfoW
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapAlloc
HeapReAlloc
LCMapStringA
LCMapStringW
GetCPInfo
CompareStringA
CompareStringW
HeapSize
WriteFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
FlushFileBuffers
SetUnhandledExceptionFilter
GetModuleHandleA
GetModuleFileNameA

user32

wsprintfW

advapi32

RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
RegCreateKeyExW

Sections

.text
Size: 328KB - Virtual size: 325KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8927061f332466c7113c22a49d7f4282

Headers

File Characteristics

Imports

nmi

nv_common

specialcase

iphlpapi

kernel32

user32

advapi32

Sections

.text Size: 328KB - Virtual size: 325KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 24KB - Virtual size: 31KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 328KB - Virtual size: 325KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 24KB - Virtual size: 31KB

.rsrc
Size: 10KB - Virtual size: 10KB