c481825776c06d28a2e1797c6b48d86b84132274f5c91f5a7f27f959a28d6769

Sharing

Copy URL

Twitter E-mail

General

Target

c481825776c06d28a2e1797c6b48d86b84132274f5c91f5a7f27f959a28d6769
Size

260KB
MD5

f792fde5cbdc10687e9858778866e89d
SHA1

9e3ec7dbc7b14607fbd9308f66307a36a41024db
SHA256

c481825776c06d28a2e1797c6b48d86b84132274f5c91f5a7f27f959a28d6769
SHA512

bde3691e128e79067ae8fbe554b3181895947a24b5f016fd989ad6e8d3eaa6ae083e8c19e78bd70776c6411b80406b20f64a2ac3125783fb3be4f86b727e4475
SSDEEP

6144:GrsKkfPhLCay2XnlehQQjABRqmx8rn/OuG:gsKQPh3y4ehQQYj8a

Score

N/A

Malware Config

Signatures

Files

c481825776c06d28a2e1797c6b48d86b84132274f5c91f5a7f27f959a28d6769
.exe windows x86

3f3aae631f9395475f2a2bc91db341a2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileExW
_llseek
SetEndOfFile
SetUnhandledExceptionFilter
InterlockedIncrement
ReadConsoleA
SetConsoleActiveScreenBuffer
SetEnvironmentVariableW
WaitForSingleObject
OpenSemaphoreA
CallNamedPipeW
FreeEnvironmentStringsA
SetTapeParameters
GetProcessPriorityBoost
GlobalAlloc
LoadLibraryW
CopyFileW
LeaveCriticalSection
WritePrivateProfileStructW
GetNamedPipeInfo
GetBinaryTypeA
TerminateProcess
IsDBCSLeadByte
ReadFile
lstrcatA
SetPriorityClass
lstrlenW
FindNextVolumeMountPointW
GetNamedPipeHandleStateW
SetCurrentDirectoryA
GetStdHandle
SetLastError
GetProcAddress
GetTapeStatus
MoveFileW
GetConsoleDisplayMode
SetComputerNameA
LoadLibraryA
BuildCommDCBAndTimeoutsW
BeginUpdateResourceA
AddAtomA
GetPrivateProfileStructA
WaitForMultipleObjects
EnumDateFormatsA
EnumResourceNamesA
RequestWakeupLatency
GetCurrentDirectoryA
_lopen
GetVersionExA
LocalFree
GetACP
CreateMutexW
WideCharToMultiByte
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
GetLastError
MoveFileA
HeapFree
HeapAlloc
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
ExitProcess
GetStartupInfoW
GetCPInfo
RtlUnwind
RaiseException
LCMapStringW
LCMapStringA
GetStringTypeW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
WriteFile
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
HeapSize
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetFilePointer
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
FlushFileBuffers
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CloseHandle
CreateFileA
GetModuleHandleA

advapi32

SetThreadToken

Exports

Exports

_asdga@4
_letter@12
_ssangyong@8
_wedding@4
_welcome@4
_yongfeng@4

Sections

.text
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f3aae631f9395475f2a2bc91db341a2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 224KB - Virtual size: 224KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 8KB - Virtual size: 4.0MB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 224KB - Virtual size: 224KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 4.0MB

.rsrc
Size: 8KB - Virtual size: 7KB