cab755919772499e730c32180d626464a91e7954282a129db246067dec40b9cb

Sharing

Copy URL

Twitter E-mail

General

Target

cab755919772499e730c32180d626464a91e7954282a129db246067dec40b9cb
Size

318KB
MD5

0c59185e2a1841d9499044580dff33f8
SHA1

a3cadbf902ac5152202344e7813133d3a5f9bb5a
SHA256

cab755919772499e730c32180d626464a91e7954282a129db246067dec40b9cb
SHA512

1e9d65fc12732d81d72f08fa7fb7d357c70134f964bb8ca0fe6eeca90db5ebb4c9b3321ad9a2d9f0a81b01a53b6452a399139cf9c5f205569269d7c72ff2134d
SSDEEP

6144:XwrI7f30RhNIF8lpxzQUWGisvzuY7D9m3ZVE0OY5d6Mx5n+dxsGr11GAddPl:HWh2FoLQUWGi+kVE0OY5YMSdOGr11GAd

Score

N/A

Malware Config

Signatures

Files

cab755919772499e730c32180d626464a91e7954282a129db246067dec40b9cb
.exe windows x86

236ef30ce2f17b6189797540a618ce12

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

pdh

PdhUpdateLogFileCatalog
PdhListLogFileHeaderA
PdhGetFormattedCounterArrayA
PdhGetFormattedCounterArrayW
PdhLookupPerfNameByIndexW
PdhCollectQueryData
PdhGetFormattedCounterValue
PdhParseInstanceNameW
PdhCloseLog
PdhEnumObjectsA
PdhEnumObjectsHA
PdhOpenQueryA
PdhSetLogSetRunID
PdhReadRawLogRecord
PdhCloseQuery
PdhGetDefaultPerfCounterA
PdhValidatePathA
PdhGetCounterTimeBase
PdhBrowseCountersW
PdhOpenQuery
PdhSetQueryTimeRange
PdhAddCounterA
PdhCalculateCounterFromRawValue
PdhUpdateLogW
PdhOpenQueryW
PdhVbGetCounterPathElements
PdhFormatFromRawValue

kernel32

FindClose
GetSystemTimeAsFileTime
GlobalFree
GetVersionExW
GetVolumeInformationW
LeaveCriticalSection
CloseHandle
GetVolumeNameForVolumeMountPointW
GetTapeParameters
SetCurrentDirectoryW
SetEndOfFile
Sleep
GetFileSize
TerminateProcess
InitializeCriticalSection
EnterCriticalSection
VirtualFree
CloseHandle
GetTickCount
FindFirstVolumeMountPointW
SetPriorityClass
VirtualAlloc
FindNextVolumeMountPointW
FileTimeToLocalFileTime
FlushFileBuffers
LocalAlloc
SetTapePosition
GetSystemTime
LocalFree
LocalFree
CreateFileW
SetFilePointer
GetPriorityClass
HeapFree
SetLastError

crtdll

_mbbtombc
_fgetchar
_winver_dll
_scalb
__isascii
log
tolower
_wcsdup
_mbsspnp
__toascii
memchr
_global_unwind2
fsetpos
_execle
_CIacos
_mbstrlen
_rmtmp
_strncnt
_toupper
wcstoul
wcsncat
_mbctype
feof
putchar
fgetc
strcpy
iscntrl
_getdrive
atol
strstr
wcstod
_ecvt
fputs
_acmdln_dll
wcscpy
__mb_cur_max_dll
_ultow
_execv
iswdigit
time
_spawnve
sin
strxfrm
_utime
system
clock
_putch
_CItanh
_getche
isprint
_c_exit
_CIexp
srand
_fileno
wcspbrk
log10
_CIatan
iswspace
_wcsicmp
_CIcosh
wcsrchr
_tolower
rename
_abnormal_termination
_ltoa
_chsize
__pxcptinfoptrs
_ismbbkalnum
ldexp
_rotr
_swab
_sopen
_mbsspn
wcscat
_setsystime
isgraph
_locking
_mbctokata
_exit
_mbscat
_ftime
_tzset
_ultoa
_fpclass
vsprintf
__doserrno
_ismbbkana
_strtime
iswupper
_wcsnicmp
_isctype
wcschr
cos
_strnicmp
_fcloseall
fgetpos
cosh
_pgmptr_dll
_mbsnbcpy
_ismbcspace
strncmp
_osversion_dll
_ftol
_wcslwr
signal
_ismbcsymbol
_strspnp
wcsncpy
_vsnprintf
_rmdir
_HUGE_dll
_commit
fwrite
putc
_mbsrchr
_y0
_heapset
sscanf
_controlfp
_getch
gets
_execvpe
_cexit
_sleep
_CIsin
_open_osfhandle

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 217KB - Virtual size: 704KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

236ef30ce2f17b6189797540a618ce12

Headers

DLL Characteristics

File Characteristics

Imports

pdh

kernel32

crtdll

Sections

.text Size: 72KB - Virtual size: 72KB

.data Size: 28KB - Virtual size: 27KB

.rsrc Size: 217KB - Virtual size: 704KB

.text
Size: 72KB - Virtual size: 72KB

.data
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 217KB - Virtual size: 704KB