dd5ebbfae745704b8238296c310c108797bf6408c4c1d9de65a6954380dd3a1b

Sharing

Copy URL Twitter E-mail

General

Target

dd5ebbfae745704b8238296c310c108797bf6408c4c1d9de65a6954380dd3a1b
Size

150KB
MD5

59e9b87d4d7f5cf2aa2c002f71f1ad08
SHA1

a497f2f0c3a66c5022430524af1795be38e0cad7
SHA256

dd5ebbfae745704b8238296c310c108797bf6408c4c1d9de65a6954380dd3a1b
SHA512

faccf11bc4f18dc103be4a45191d782206d6a36bbd685c9e19120a37f29444c4ab251c39242e6be5703e8bc019752c81d93126ffe107af8f07df8065c2ba630b
SSDEEP

3072:/Lz6uNwwV1TI+yqKHOdgh1TDlTNqETkpqQ+LbfKLjhjjOn9E/kBY:/CArBI+Knh1F5qEOqQybfEjsc

Score

N/A

Malware Config

Signatures

Files

dd5ebbfae745704b8238296c310c108797bf6408c4c1d9de65a6954380dd3a1b
.exe windows x86

83ff2dd07160c70041538252a22990d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_wcsnicmp
?terminate@@YAXXZ
realloc
malloc
_wcsicmp
wcschr
_cexit
_controlfp
wcslen
wcsncpy
__setusermatherr
free
wcstol
_iob
calloc
_initterm
_c_exit
__CxxFrameHandler
_wgetcwd
strtok
wcstok
__winitenv
exit
__set_app_type
fflush
wcstod
fprintf
__wgetmainargs
_exit
wcsncmp
sprintf
_XcptFilter
_wtol
wcsstr

advapi32

OpenProcessToken
GetTokenInformation
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegSetValueExW
LookupAccountSidW
RegConnectRegistryW

kernel32

TerminateProcess
GetPrivateProfileSectionNamesW
CreateEventA
SetConsoleCursorPosition
lstrcpynW
FoldStringA
FindFirstFileW
GenerateConsoleCtrlEvent
GetSystemTimeAsFileTime
SetFilePointerEx
VirtualAlloc
GetDriveTypeW
WideCharToMultiByte
AddConsoleAliasW
LocalFree
GetCurrentProcess
GetComputerNameW
VerifyVersionInfoW
UnhandledExceptionFilter
RegisterWaitForInputIdle
SetConsoleCursorMode
GetTickCount
GetVolumePathNameW
EnterCriticalSection
FileTimeToSystemTime
GetCurrentProcessId
CreateProcessA
EnumSystemGeoID
GetModuleHandleA
CopyFileExA
SetLocalTime
FormatMessageW
CompareStringW
CreateDirectoryExA
MapViewOfFile
FindFirstVolumeMountPointW
SetConsoleHardwareState
VerSetConditionMask
SetConsoleDisplayMode
VirtualQuery
SetEvent
SetUnhandledExceptionFilter
GetVolumeInformationW
GetNumberOfConsoleInputEvents
GetComputerNameExW
lstrcmpW
OpenProcess
lstrlenW
GetLogicalDrives
CloseHandle
SetUserGeoID
ReadFile
DefineDosDeviceW
GetConsoleScreenBufferInfo
OpenWaitableTimerA
MultiByteToWideChar
SetComputerNameExW
SleepEx
GetVersion
CreateActCtxA
FindResourceW
SetLastError
GetTimeFormatW
RegisterConsoleOS2
lstrcatW
GetStdHandle
lstrcpyW
WaitForMultipleObjectsEx
CancelTimerQueueTimer
lstrcmpiW
SetLocaleInfoW
TerminateJobObject
EnumSystemLanguageGroupsA
FindNextVolumeMountPointA
LocalFlags
ReadConsoleW
CreateEventW
GetConsoleCommandHistoryA
QueryPerformanceCounter
FreeLibrary
VirtualFree
GetDiskFreeSpaceExA
SetComputerNameA
WriteConsoleW
SetConsoleMode
GetLastError
AddLocalAlternateComputerNameA
GetConsoleMode
SetProcessAffinityMask

ntdll

RtlInitAnsiString
RtlInitUnicodeString
RtlDestroyQueryDebugBuffer
NtQuerySystemInformation
RtlAnsiStringToUnicodeString
RtlAllocateHeap
RtlFreeHeap

user32

LoadStringW
CharUpperW
wsprintfW

mpr

WNetAddConnection2W
WNetCancelConnection2W
WNetGetLastErrorW

netapi32

NetServerGetInfo
NetApiBufferFree
NetFileClose
NetFileEnum

secur32

GetUserNameExW

ws2_32

WSACleanup
gethostbyname
WSAGetLastError
inet_addr
gethostbyaddr
WSAStartup

olesvr32

OleRegisterServer
DocWndProc
WEP

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.LCBf
Size: 1KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.C
Size: 2KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83ff2dd07160c70041538252a22990d1

Headers

File Characteristics

Imports

msvcrt

advapi32

kernel32

ntdll

user32

mpr

netapi32

secur32

ws2_32

olesvr32

Sections

.text Size: 18KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 4KB

.LCBf Size: 1KB - Virtual size: 32KB

.data Size: 7KB - Virtual size: 117KB

.C Size: 2KB - Virtual size: 30KB

.rsrc Size: 113KB - Virtual size: 113KB

.text
Size: 18KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 4KB

.LCBf
Size: 1KB - Virtual size: 32KB

.data
Size: 7KB - Virtual size: 117KB

.C
Size: 2KB - Virtual size: 30KB

.rsrc
Size: 113KB - Virtual size: 113KB