dd5350f7faf9b8f684f0844aa39f0f9d07304b60cb8ae490993d5ea7ce6f7aaa

General

Target

dd5350f7faf9b8f684f0844aa39f0f9d07304b60cb8ae490993d5ea7ce6f7aaa
Size

275KB
MD5

0534de92af0da4a50b2a56463cc5be8b
SHA1

297680d78233982cbd236ad055997d1eab873e13
SHA256

dd5350f7faf9b8f684f0844aa39f0f9d07304b60cb8ae490993d5ea7ce6f7aaa
SHA512

99a1290e2fc2d368931a05cde2d60160e38a1bc10a98b74eb41536032ced59a9277e863b9b3fb9aca732163adb059db07925004f0a3a3c9cf204600cbbb603b0
SSDEEP

6144:D9v7p2OSjE/3T/nuwIQYIHKXsHM86mc2eCv4:D9l2OSjuTFIQMl8RczCv4

Score

N/A

Malware Config

Signatures

Files

dd5350f7faf9b8f684f0844aa39f0f9d07304b60cb8ae490993d5ea7ce6f7aaa
.exe windows x86

b304f17d53f9c9261de85c71ecf9bafb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidCreate

advapi32

CryptHashData
RegCloseKey
CryptGetHashParam
RegQueryValueExW
CryptAcquireContextW
CryptReleaseContext
CryptCreateHash
CryptDestroyHash
RegOpenKeyExW

kernel32

LeaveCriticalSection
WideCharToMultiByte
GetCurrentThreadId
LCMapStringW
SetFileAttributesW
SetFilePointer
GetFileAttributesExW
HeapDestroy
HeapAlloc
VirtualFree
HeapFree
CreateFileW
SetUnhandledExceptionFilter
MapViewOfFileEx
GetSystemTime
UnmapViewOfFile
EnterCriticalSection
GetCurrentDirectoryW
FlushViewOfFile
GetConsoleMode
GetFileInformationByHandle
InitializeCriticalSectionAndSpinCount
CloseHandle
ExpandEnvironmentStringsW
GetSystemTimeAsFileTime
GetSystemInfo
VirtualAlloc
SystemTimeToFileTime
CopyFileW
GetModuleHandleW
GetFileType
UnhandledExceptionFilter
DeleteFileW
CreateFileMappingW
FreeLibrary
SetLastError
ReadFile
LocalAlloc
IsDebuggerPresent
DeviceIoControl
RaiseException
DeleteCriticalSection
SetErrorMode
VirtualAllocEx

ntprint

PSetupFreeMem
PSetupGetPathToSearch
PSetupIsCompatibleDriver

riched20

IID_ITextHost
IID_ITextHost2
REExtendedRegisterClass
IID_ITextServices
CreateTextServices

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 226KB - Virtual size: 567KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b304f17d53f9c9261de85c71ecf9bafb

Headers

File Characteristics

Imports

rpcrt4

advapi32

kernel32

ntprint

riched20

Sections

.text Size: 19KB - Virtual size: 18KB

.data Size: 226KB - Virtual size: 567KB

.rdata Size: 2KB - Virtual size: 63KB

.rsrc Size: 27KB - Virtual size: 26KB

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 226KB - Virtual size: 567KB

.rdata
Size: 2KB - Virtual size: 63KB

.rsrc
Size: 27KB - Virtual size: 26KB