NS v[.]2[.]exe_

Resubmissions

28-12-2022 19:54

221228-ymwk2sbd74 6

28-12-2022 19:50

221228-ykm6wsee4t 1

Sharing

Copy URL

Twitter E-mail

General

Target

NS v.2.exe_
Size

125KB
MD5

597de376b1f80c06d501415dd973dcec
SHA1

629c9649ced38fd815124221b80c9d9c59a85e74
SHA256

f47e3555461472f23ab4766e4d5b6f6fd260e335a6abc31b860e569a720a5446
SHA512

072565912208e97cc691e1a102e32fd6c243b5a3f8047a159e97aabbe302bddc36f3c52cecde3b506151bc89e0f3b5acf6552a82d83dac6e0180c873d36d3f6b
SSDEEP

1536:Vc4Kvp6PWy/6oU2cpzLWJst+cYsu0TXSkdlgNPldqxFktvVg49jvvck1y40sWjcu:Vc3GJQ56et+cT7SoeNdqbMfN7TId

Score

N/A

Malware Config

Signatures

Files

NS v.2.exe_
.exe windows x86

0b0d8152ea7241cce613146b80a998fd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
WaitForSingleObject
SetVolumeMountPointW
GetLogicalDrives
Sleep
HeapDestroy
HeapCreate
FindNextVolumeW
GetVolumePathNamesForVolumeNameW
GetLastError
WaitForMultipleObjects
ReleaseMutex
CloseHandle
FindFirstVolumeW
CreateThread
lstrcpyA
WriteConsoleW
SetStdHandle
SetFilePointerEx
SetEnvironmentVariableA
FindVolumeClose
CreateMutexW
QueryDosDeviceW
ExitProcess
ReadConsoleW
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapSize
GetFileAttributesExW
CreateProcessA
GetExitCodeProcess
RtlUnwind
OutputDebugStringW
LoadLibraryExW
MultiByteToWideChar
HeapFree
IsDebuggerPresent
IsProcessorFeaturePresent
HeapReAlloc
GetCommandLineA
EncodePointer
DecodePointer
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
GetCurrentThreadId
GetProcessHeap
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
WideCharToMultiByte
GetStdHandle
WriteFile
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
DeleteCriticalSection
GetFileType
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
CompareStringW
LCMapStringW
CreateFileW

user32

wsprintfW

mpr

WNetAddConnection2W

iphlpapi

IcmpCreateFile
GetAdaptersInfo
IcmpSendEcho

ws2_32

htonl
gethostbyname
gethostname
inet_addr
inet_ntoa
WSAStartup
ntohl

netapi32

NetShareEnum
NetApiBufferFree

shlwapi

StrStrW

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Resubmissions

Sharing

General

Malware Config

Signatures

Files

0b0d8152ea7241cce613146b80a998fd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

mpr

iphlpapi

ws2_32

netapi32

shlwapi

Sections

.text Size: 92KB - Virtual size: 92KB

.rdata Size: 27KB - Virtual size: 26KB

.data Size: 4KB - Virtual size: 12KB

.text
Size: 92KB - Virtual size: 92KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 4KB - Virtual size: 12KB