c2f6a9df98cce093445db99e46b3d69d9861b9b5cf27d3cec70db0996c7c83d4

Sharing

Copy URL Twitter E-mail

General

Target

c2f6a9df98cce093445db99e46b3d69d9861b9b5cf27d3cec70db0996c7c83d4
Size

64KB
MD5

d06aedf5a8c33c97a0a1eb08dc938226
SHA1

6091f042377c45acde2b8d2295a7ac0ad7e74604
SHA256

c2f6a9df98cce093445db99e46b3d69d9861b9b5cf27d3cec70db0996c7c83d4
SHA512

d4baa37f8d4781daf81bb56ee91ad48a7983c0a21c599b8a8292bead8497e284da5d28bf35e932dc7c39d5f010df7d13f5ace629856bc0533f9c7af133d5c76e
SSDEEP

1536:qQPw22QeX9bL7wbkMiBeJ1G7I0/Cxr1ghdzrxhUhXLVjJh:rafRLGk1Bem7I0BhdvmVjv

Score

N/A

Malware Config

Signatures

Files

c2f6a9df98cce093445db99e46b3d69d9861b9b5cf27d3cec70db0996c7c83d4
.exe windows x86

bb43abd07b6e18e9dafe6a0975b159bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ulib

?Display@MESSAGE@@QAAEPBDZZ
?Replace@WSTRING@@QAEEKKPBV1@KK@Z
??MTIMEINFO@@QBEEV0@@Z
?Initialize@FSTRING@@QAEPAVWSTRING@@PAGK@Z
??1PRINT_STREAM@@UAE@XZ
?Strcmp@WSTRING@@SGHPAG0@Z
??1FSN_FILTER@@UAE@XZ
?SetBit@BITVECTOR@@QAEXKK@Z
?Initialize@WSTRING@@QAEEPBV1@KK@Z
?ReadMbLine@STREAM@@QAEEPADKPAKEK@Z
??OWSTRING@@QBEEABV0@@Z
?DeleteAllMembers@SORTED_LIST@@UAEEXZ
?Truncate@WSTRING@@QAEKK@Z
?Initialize@KEYBOARD@@QAEEEE@Z
??PWSTRING@@QBEEABV0@@Z
?Initialize@SCREEN@@QAEEXZ
??0BITVECTOR@@QAE@XZ
??0PRINT_STREAM@@QAE@XZ
?Initialize@PROGRAM@@QAEEKKK@Z
?Initialize@MEM_ALLOCATOR@@QAEE_KK@Z
?QueryChCount@WSTRING@@QBEKXZ
?SetLoggingEnabled@MESSAGE@@QAEXE@Z

kernel32

GetTickCount
GetSystemTimeAsFileTime
GetModuleHandleW
GetCurrentProcessId
GetCurrentThreadId
EnumLanguageGroupLocalesA
GetSystemInfo
GetLocaleInfoW
WriteConsoleInputW
EnumCalendarInfoExA
GetConsoleAliasesLengthW
SetConsoleKeyShortcuts
EnumSystemCodePagesA
SetLastConsoleEventActive
GetWindowsDirectoryA
SetDefaultCommConfigA
GetCurrencyFormatA
SetCurrentDirectoryA
ReleaseSemaphore
WriteConsoleInputA
GetCalendarInfoW
CreateConsoleScreenBuffer
GetConsoleCommandHistoryA
CopyFileW
SetConsoleNlsMode
OpenProcess

ntdll

RtlSetSecurityObject
ZwOpenObjectAuditAlarm
RtlIsValidHandle
RtlTimeToSecondsSince1970
RtlSetDaclSecurityDescriptor
RtlTraceDatabaseAdd
RtlUpdateTimer
ZwFlushKey
RtlLengthSid
memset
NtPrivilegeObjectAuditAlarm
ZwSetSystemTime
CsrIdentifyAlertableThread
towlower
ZwImpersonateAnonymousToken
RtlFirstFreeAce
RtlOpenCurrentUser
ZwExtendSection

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 700B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb43abd07b6e18e9dafe6a0975b159bc

Headers

DLL Characteristics

File Characteristics

Imports

ulib

kernel32

ntdll

Sections

.text Size: 55KB - Virtual size: 55KB

.rdata Size: 1024B - Virtual size: 700B

.data Size: 2KB - Virtual size: 86KB

.rsrc Size: 1024B - Virtual size: 952B

.text
Size: 55KB - Virtual size: 55KB

.rdata
Size: 1024B - Virtual size: 700B

.data
Size: 2KB - Virtual size: 86KB

.rsrc
Size: 1024B - Virtual size: 952B