99dc3fa5b1eb7771475721fbfb981615126ccb11e51bd0f8375735f1eedf9d7a

Sharing

Copy URL

Twitter E-mail

General

Target

99dc3fa5b1eb7771475721fbfb981615126ccb11e51bd0f8375735f1eedf9d7a
Size

259KB
MD5

16ee0affd90564a4bc174144b100af1b
SHA1

218c7b919ce938ab78afa6979895250f1f1cdea8
SHA256

99dc3fa5b1eb7771475721fbfb981615126ccb11e51bd0f8375735f1eedf9d7a
SHA512

856970fa108ed79d21d786416c7177c9d4d9ea3a87f8863a18406d32e7cceca7b1cd73013467e995d3f634bd46688a096393160205750ad2345a998225d533a3
SSDEEP

6144:L8SHY14PRLaHOmOFWRVwQDDZO9fT32bn/VS:LvHYqPRKOmOFWAK1QfTc

Score

N/A

Malware Config

Signatures

Files

99dc3fa5b1eb7771475721fbfb981615126ccb11e51bd0f8375735f1eedf9d7a
.exe windows x86

843c2426cafd785c0880189c143a8faf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileExW
_llseek
SetEndOfFile
SetUnhandledExceptionFilter
InterlockedIncrement
ReadConsoleA
SetConsoleActiveScreenBuffer
SetEnvironmentVariableW
WaitForSingleObject
OpenSemaphoreA
FreeEnvironmentStringsA
SetTapeParameters
GetProcessPriorityBoost
GlobalAlloc
LoadLibraryW
CopyFileW
GetPrivateProfileStructW
LeaveCriticalSection
WritePrivateProfileStructW
GetNamedPipeInfo
GetBinaryTypeA
TerminateProcess
IsDBCSLeadByte
ReadFile
lstrcatA
SetPriorityClass
lstrlenW
FindNextVolumeMountPointW
GetNamedPipeHandleStateW
SetCurrentDirectoryA
GetStdHandle
SetLastError
GetProcAddress
GetTapeStatus
MoveFileW
GetConsoleDisplayMode
SetComputerNameA
LoadLibraryA
BuildCommDCBAndTimeoutsW
BeginUpdateResourceA
AddAtomA
WaitForMultipleObjects
EnumDateFormatsA
EnumResourceNamesA
RequestWakeupLatency
GetCurrentDirectoryA
_lopen
GetVersionExA
LocalFree
GetACP
CreateMutexW
WideCharToMultiByte
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
GetLastError
MoveFileA
HeapFree
HeapAlloc
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
ExitProcess
GetStartupInfoW
GetCPInfo
RtlUnwind
RaiseException
LCMapStringW
LCMapStringA
GetStringTypeW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
WriteFile
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
HeapSize
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetFilePointer
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
FlushFileBuffers
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CloseHandle
CreateFileA
GetModuleHandleA

advapi32

RevertToSelf

Exports

Exports

_asdga@4
_letter@12
_ssangyong@8
_wedding@4
_welcome@4
_yongfeng@4

Sections

.text
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

843c2426cafd785c0880189c143a8faf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 224KB - Virtual size: 224KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 8KB - Virtual size: 4.0MB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 224KB - Virtual size: 224KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 4.0MB

.rsrc
Size: 7KB - Virtual size: 6KB