f5bb9030d0a40921b45118048ac4117b995f5dfc52c25b68a4b4b3619f3a2ebc

Sharing

Copy URL

Twitter E-mail

General

Target

f5bb9030d0a40921b45118048ac4117b995f5dfc52c25b68a4b4b3619f3a2ebc
Size

858KB
MD5

c2d239bea12f6257d54cbcc44b6bb517
SHA1

a1c45203336db353eb0a928a9649d70d857387ba
SHA256

f5bb9030d0a40921b45118048ac4117b995f5dfc52c25b68a4b4b3619f3a2ebc
SHA512

1dfffa3333385f14f94d606af00a40f716cfbeab745a9da7ffc512686f5feed26b3568b88dbae6bd1536a808e82c30b1a2eaa25fd3691088786fe02602658b23
SSDEEP

24576:dn3f/vlat2mXVlvjgmAmkV85L4Hk0BiYdudJn:xoXVl7gmA5VG0oEudJn

Score

N/A

Malware Config

Signatures

Files

f5bb9030d0a40921b45118048ac4117b995f5dfc52c25b68a4b4b3619f3a2ebc
.exe windows x86

00c81de9b37060495e977a309c67b36f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

srand
memmove
towupper
freopen
_ismbblead
sin
_vsnwprintf
feof
wcscpy
_y0
_dup2
_ltoa
_abnormal_termination
difftime
iswxdigit
_pwctype_dll
_strnextc
_CIacos
_exit
_timezone_dll
ungetc
_beep
_mbsnbcpy
_makepath
mbtowc
_isctype
_mbsicmp
isleadbyte
_CIatan2
_osversion_dll
vprintf
_mbsnbcat
_fgetwchar
_write
_ismbbalpha
wcstol
_ismbclower
_lfind
_execv

vdmdbg

VDMEnumTaskWOW
VDMSetThreadContext
VDMModuleNext
VDMModuleFirst
VDMGlobalFirst
VDMSetContext
VDMGetAddrExpression
VDMStartTaskInWOW
VDMGetThreadSelectorEntry
VDMDetectWOW
VDMIsModuleLoaded
VDMGlobalNext
VDMProcessException
VDMGetContext
VDMKillWOW
VDMBreakThread
VDMTerminateTaskWOW
VDMGetThreadContext
VDMGetPointer
VDMSetDbgFlags
VDMGetSymbol
VDMGetDbgFlags
VDMGetModuleSelector
VDMEnumProcessWOW
VDMEnumTaskWOWEx
VDMGetSegtablePointer

kernel32

LZCreateFileW
VirtualAlloc
DeleteFileA
GetLongPathNameW
GetLocaleInfoW
FindFirstChangeNotificationW
GetACP
LoadLibraryA
SetSystemTime
GetTapeParameters
SetMessageWaitingIndicator
SetClientTimeZoneInformation
ReplaceFileW
SetCommBreak
QueueUserAPC
GetHandleInformation
GetPrivateProfileSectionA
DebugActiveProcessStop
GlobalAlloc
ChangeTimerQueueTimer
SetEndOfFile
CreateEventW
GetCommandLineW
IsValidLocale
GetOEMCP
FindFirstVolumeW
FindClose
RemoveDirectoryA
FindFirstVolumeA
GlobalFlags
InitializeSListHead
ReadConsoleOutputW
SetHandleCount
GetProcessPriorityBoost
RegisterConsoleOS2
OpenJobObjectA
SetLocalPrimaryComputerNameA

msi

MsiEnumFeaturesA
MsiOpenPackageW
MsiVerifyDiskSpace
MsiSetMode
MsiLocateComponentA
MsiDatabaseOpenViewW
MsiEnumFeaturesW
DllGetClassObject
MsiGetProductCodeW
MsiEnumComponentsW
MsiEnumPatchesW
MsiEnumComponentsA
MsiGetPatchInfoW
MsiSetExternalUIA
MsiApplyPatchA
MsiSetInternalUI
MsiDeleteUserDataW
MsiSummaryInfoGetPropertyCount
MsiAdvertiseProductW
MsiConfigureProductW
MsiDatabaseGetPrimaryKeysW
DllGetVersion
MsiRecordClearData
Migrate10CachedPackagesA
MsiAdvertiseProductExW
MsiOpenDatabaseW
MsiGetMode
MsiSourceListClearAllA
MsiPreviewDialogW
MsiGetFeatureStateW
MsiDatabaseApplyTransformA
MsiInvalidateFeatureCache
MsiDoActionA
Migrate10CachedPackagesW
MsiSequenceA
MsiGetSourcePathW
MsiRecordGetInteger
MsiGetLastErrorRecord
MsiRecordSetInteger
MsiSetTargetPathA
MsiGetFeatureUsageA
MsiUseFeatureExA
MsiSetInstallLevel
MsiQueryFeatureStateA
MsiReinstallFeatureW

Sections

.text
Size: 349KB - Virtual size: 349KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 370KB - Virtual size: 370KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00c81de9b37060495e977a309c67b36f

Headers

DLL Characteristics

File Characteristics

Imports

crtdll

vdmdbg

kernel32

msi

Sections

.text Size: 349KB - Virtual size: 349KB

.rdata Size: 370KB - Virtual size: 370KB

.data Size: 136KB - Virtual size: 1.6MB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 349KB - Virtual size: 349KB

.rdata
Size: 370KB - Virtual size: 370KB

.data
Size: 136KB - Virtual size: 1.6MB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B