df407f85cc3c00e6f6eba8508c2865dddaf37b100252c1e1dbc83868e13cc0a3

Sharing

Copy URL Twitter E-mail

General

Target

df407f85cc3c00e6f6eba8508c2865dddaf37b100252c1e1dbc83868e13cc0a3
Size

212KB
MD5

35bdfd697347ce6ac621b270a998f887
SHA1

541029176420e5e29e6858e7d69584b9786ea510
SHA256

df407f85cc3c00e6f6eba8508c2865dddaf37b100252c1e1dbc83868e13cc0a3
SHA512

24f40efd9f81b48f332896450901a6cc5d8fe30b46aa7f3b4d3e939496d2e7a30bfadaf997e66d011fdd77d90f317d4913ba5cb5466673e6cbcdea8208711bee
SSDEEP

6144:UF1x2zLCLheEIVbXr/BlzevEJe5DycdUPkH:UF1+LCYH/BlzC95DI8

Score

N/A

Malware Config

Signatures

Files

df407f85cc3c00e6f6eba8508c2865dddaf37b100252c1e1dbc83868e13cc0a3
.exe windows x86

cb898fc917e7909097853c09c8264098

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadReadPtr
GetVersionExW
OpenProcess
GlobalFree
QueryPerformanceFrequency
GlobalAlloc
MulDiv
GetLocaleInfoW
GlobalUnlock
GetTimeFormatW
InterlockedExchange
GetCurrentProcessId
GetFileTime
GetDiskFreeSpaceW
FindCloseChangeNotification
GetVolumeInformationW
DeleteCriticalSection
GetLocalTime
CreateFileW
GetModuleHandleW
InitializeCriticalSection
EnterCriticalSection
GetCurrentThread
WriteConsoleW
CompareStringW
CompareStringA
SetEndOfFile
HeapSize
LCMapStringW
LCMapStringA
GetSystemInfo
VirtualProtect
GetLocaleInfoA
VirtualQuery
RtlUnwind
LoadLibraryA
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetTimeZoneInformation
WideCharToMultiByte
CreateFileA
FlushFileBuffers
SetStdHandle
IsBadWritePtr
HeapReAlloc
VirtualAlloc
HeapAlloc
GetCPInfo
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetLastError
FindFirstFileA
FindNextFileA
GetModuleHandleA
GetStartupInfoW
GetVersionExA
HeapFree
CloseHandle
ReadFile
ExitProcess
GetProcAddress
TerminateProcess
GetCurrentProcess
SetFilePointer
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
SetEnvironmentVariableA

winspool.drv

DocumentPropertiesW
ClosePrinter
EnumPrintersW
OpenPrinterW

ole32

OleUninitialize
CoCreateInstance
CoUninitialize
CoInitialize
OleInitialize

ws2_32

WSACreateEvent
WSAGetOverlappedResult
WSAConnect
WSAWaitForMultipleEvents
socket
getprotobynumber
setsockopt
getservbyname
WSASocketW

wininet

HttpSendRequestExW
InternetAttemptConnect
HttpEndRequestW
InternetWriteFile
InternetSetOptionW
InternetSetCookieW
InternetReadFile
InternetQueryOptionW
InternetQueryDataAvailable
InternetOpenW
InternetGetCookieW
InternetErrorDlg
InternetCrackUrlW
InternetConnectW
InternetCloseHandle
HttpSendRequestW
HttpQueryInfoW
HttpOpenRequestW
HttpAddRequestHeadersW

Sections

.text
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 538KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb898fc917e7909097853c09c8264098

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

winspool.drv

ole32

ws2_32

wininet

Sections

.text Size: 108KB - Virtual size: 106KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 12KB - Virtual size: 538KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 108KB - Virtual size: 106KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 12KB - Virtual size: 538KB

.rsrc
Size: 8KB - Virtual size: 4KB