c493fc4222c3dc6ee5c8c8fca1f57892f3d8b61b67a13c1385e919bc61dbd68e

Sharing

Copy URL Twitter E-mail

General

Target

c493fc4222c3dc6ee5c8c8fca1f57892f3d8b61b67a13c1385e919bc61dbd68e
Size

108KB
MD5

05507ccc4aabfbf243cb1eace403813e
SHA1

6522b26e54585f42891b0647ef0e59b794c01c45
SHA256

c493fc4222c3dc6ee5c8c8fca1f57892f3d8b61b67a13c1385e919bc61dbd68e
SHA512

fcd5c96e37db65dcebd5eac5a62e675ac99b2f3e847bb9d90644257bb5a768e83543755478f27db141ba33d21abec78041c6d1f34351bf2427c5e1e8089ac7bd
SSDEEP

1536:HppsotwtPRP54HqV+/Y+Io+GJaUzlCiTg0e0e0k/vvtO:Jyo21ty+5V0zlNnrkFO

Score

N/A

Malware Config

Signatures

Files

c493fc4222c3dc6ee5c8c8fca1f57892f3d8b61b67a13c1385e919bc61dbd68e
.exe windows x86

708c82ed22a72edaf2a2c7b0bbd21978

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
GetCommConfig
OpenFileMappingW
EnumSystemGeoID
UpdateResourceA
LoadLibraryA
SetProcessWorkingSetSize
lstrcpyn
GetDateFormatW
GetStartupInfoA
GetProcessAffinityMask
AddLocalAlternateComputerNameA
LZOpenFileW
GetCurrentDirectoryA
GetConsoleCursorMode
GlobalAlloc
DelayLoadFailureHook
RtlFillMemory
CallNamedPipeW
ProcessIdToSessionId
BuildCommDCBW
SetVolumeMountPointW
GetPrivateProfileStringA
GetCommMask
DuplicateHandle
OpenWaitableTimerW
VirtualAlloc
MapUserPhysicalPagesScatter
WriteConsoleW
SetCommState
SetComputerNameExW

msvcp60

??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??_0?$_Complex_base@N@std@@QAEAAV01@ABN@Z
?do_grouping@?$_Mpunct@G@std@@MBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?do_always_noconv@codecvt_base@std@@MBE_NXZ
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@H@2@V32@H@Z
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??1?$messages@D@std@@UAE@XZ
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z
?min@?$numeric_limits@O@std@@SAOXZ

msdtcprx

DTC_XaStart
ShutDownCM
DTC_XaPrepare
DTC_XaComplete
DTC_XaForget
DllGetDTCProxy
DTC_XaOpen
?RemoveDtc@@YGJPAG00@Z
DTC_XaClose
?GetDtcLogPath@@YGHKPAG@Z
?InstallDtcClient@@YGJPAGKK@Z
DTC_XaCommit
DllUnregisterServer

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 248B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

708c82ed22a72edaf2a2c7b0bbd21978

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcp60

msdtcprx

Sections

.text Size: 37KB - Virtual size: 37KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 30KB - Virtual size: 30KB

.rsrc Size: 21KB - Virtual size: 21KB

.reloc Size: 248B - Virtual size: 248B

.text
Size: 37KB - Virtual size: 37KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 30KB - Virtual size: 30KB

.rsrc
Size: 21KB - Virtual size: 21KB

.reloc
Size: 248B - Virtual size: 248B