7fc8146cdace0dda85b547cabf00d6899c0295e5afd3cce7028971a576514f71

Sharing

Copy URL

Twitter E-mail

General

Target

7fc8146cdace0dda85b547cabf00d6899c0295e5afd3cce7028971a576514f71
Size

281KB
MD5

565b3a914f11fddf2fe1dbaefc4c657d
SHA1

dd1b56063e465820aa7e107d30a82d484cf25183
SHA256

7fc8146cdace0dda85b547cabf00d6899c0295e5afd3cce7028971a576514f71
SHA512

9d033169a578404a1f1dc2e7f93694e6357253d41f22ac045e19ff45c2aa34af598d1a496d0d979a4e3ca71b12cd5112d515532d37e7d76a43cc9c1f56a9cec2
SSDEEP

6144:pXBqe4fG+FCdvPBgWZjOM6l/2/aq9ighOl:VBqFfG+F+vOKC9ii

Score

N/A

Malware Config

Signatures

Files

7fc8146cdace0dda85b547cabf00d6899c0295e5afd3cce7028971a576514f71
.exe windows x86

5da5e35edf196868a1a97b8258d8bf20

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
GetProcessHeap
VirtualAlloc
GetModuleHandleW
FormatMessageW
lstrcmpW
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
GetOEMCP
EnumSystemCodePagesW
WriteConsoleW
GetConsoleWindow
CloseHandle
DecodePointer
EncodePointer
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
HeapAlloc
HeapSize
SetFilePointerEx
GetFileSizeEx
SetConsoleCtrlHandler
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetTempPathW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
IsValidCodePage
FindNextFileW
WriteFile
ReadFile
GetFileSize
CreateFileW
HeapReAlloc
GetStdHandle
FindFirstFileExW
FindClose
OutputDebugStringW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
InterlockedPushEntrySList
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetCommandLineA
GetCommandLineW
GetCurrentThread
GetFileType
RaiseException

mpr

WNetAddConnectionA
WNetDisconnectDialog1W
WNetGetNetworkInformationW
WNetAddConnection2A
MultinetGetConnectionPerformanceA
WNetAddConnection3W
WNetGetUserW

mapi32

ord36
ord44
ord24
ord15
ord31
ord203
ord241

rtutils

RouterLogEventW
TraceGetConsoleA
LogErrorW
TracePrintfExW
RouterLogRegisterA
LogEventA
TraceDumpExW

oleaut32

SystemTimeToVariantTime
VARIANT_UserFree
VarI2FromDate
SafeArrayCopy
VarCyInt

comdlg32

PrintDlgA
PageSetupDlgW
GetFileTitleW
ChooseColorA
FindTextA

user32

ShowWindow
LoadStringW

Sections

.text
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5da5e35edf196868a1a97b8258d8bf20

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

mpr

mapi32

rtutils

oleaut32

comdlg32

user32

Sections

.text Size: 232KB - Virtual size: 231KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 2KB - Virtual size: 7KB

.gfids Size: 512B - Virtual size: 416B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 232KB - Virtual size: 231KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 2KB - Virtual size: 7KB

.gfids
Size: 512B - Virtual size: 416B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 8KB - Virtual size: 8KB