c8172d882bdaa7b3f451d11b761ef73bb40220d872d4c644f0d7ec49800f8bb0

Sharing

Copy URL

Twitter E-mail

General

Target

c8172d882bdaa7b3f451d11b761ef73bb40220d872d4c644f0d7ec49800f8bb0
Size

297KB
MD5

6e8736b900bc276dad7b345f39ce93c5
SHA1

24698881123d915b5cca7d3843b1df9146ffed3d
SHA256

c8172d882bdaa7b3f451d11b761ef73bb40220d872d4c644f0d7ec49800f8bb0
SHA512

5e7e458ab959a007cd2a4864d3f24c0c96bfe8ceac94cdbad891bb7813e4c5b5aa551a0ea27f5f6dcf24d7d470afdb60d7103b1d3f55a996247185bf2a152ea6
SSDEEP

6144:Qu5F6jEpOLFCySFot9rUXtRlEsMVYP6+/W4uYpybBCpFnnCbsIN0:f5F6jEpOZCxFH9EFGJe4pm8Iq

Score

N/A

Malware Config

Signatures

Files

c8172d882bdaa7b3f451d11b761ef73bb40220d872d4c644f0d7ec49800f8bb0
.exe windows x86

3767221f262e3fd1dee2f5252714dbf2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_llseek
SetEndOfFile
SetUnhandledExceptionFilter
InterlockedIncrement
OpenSemaphoreA
CallNamedPipeW
FreeEnvironmentStringsA
_lclose
GetProcessPriorityBoost
ReadConsoleW
SetCommState
GetPriorityClass
GlobalAlloc
GetConsoleMode
CopyFileW
LeaveCriticalSection
WritePrivateProfileStructW
GetNamedPipeInfo
GetBinaryTypeA
TerminateProcess
IsDBCSLeadByte
ReadFile
lstrcatA
CopyFileExW
lstrlenW
FindNextVolumeMountPointW
GetNamedPipeHandleStateW
SetCurrentDirectoryA
GetStdHandle
SetLastError
GetProcAddress
GetTapeStatus
MoveFileW
SetComputerNameA
LoadLibraryA
BuildCommDCBAndTimeoutsW
SetConsoleDisplayMode
AddAtomA
GetPrivateProfileStructA
SetEnvironmentVariableA
EnumDateFormatsA
EnumResourceNamesA
RequestWakeupLatency
GetCurrentDirectoryA
GetVersionExA
LocalFree
GetACP
CreateMutexW
WideCharToMultiByte
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
GetLastError
MoveFileA
HeapFree
HeapAlloc
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
ExitProcess
GetStartupInfoW
GetCPInfo
RtlUnwind
RaiseException
LCMapStringW
LCMapStringA
GetStringTypeW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
WriteFile
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
HeapSize
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetFilePointer
GetConsoleCP
GetLocaleInfoW
FlushFileBuffers
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CloseHandle
CreateFileA
GetModuleHandleA

advapi32

SetThreadToken

Exports

Exports

_asdga@4
_letter@12
_wedding@4
_weewgg@8
_welcome@4
_yongfeng@4

Sections

.text
Size: 261KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3767221f262e3fd1dee2f5252714dbf2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 261KB - Virtual size: 261KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 8KB - Virtual size: 4.0MB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 261KB - Virtual size: 261KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 4.0MB

.rsrc
Size: 8KB - Virtual size: 7KB