298bf70f976eb66218d1dede96f17a68c82c7922c34ccba1168485a7b26fcd5d

Sharing

Copy URL

Twitter E-mail

General

Target

298bf70f976eb66218d1dede96f17a68c82c7922c34ccba1168485a7b26fcd5d
Size

449KB
MD5

3275615c33bffe2f401ceb7665775006
SHA1

dbf0aa8ad6acea9e3830f2a6d1611c4057c6e9ed
SHA256

298bf70f976eb66218d1dede96f17a68c82c7922c34ccba1168485a7b26fcd5d
SHA512

d45db02ef5b40440cc6a08113fb44bc42d3266f79005737a4333dd05c9dbcd4677fb7ff3d081c060e295a7b77dfd62421199545645d169cb70a9e9fd507d2cb5
SSDEEP

6144:ufdpcKAT7YgSdGwYwgIiefwcp8oV123cM6vzQZIdaQn2LVsjo1zHIwzmwW8n6z7:ufdmKyY9wwgIgcVYsM6vTosYowVQ7

Score

N/A

Malware Config

Signatures

Files

298bf70f976eb66218d1dede96f17a68c82c7922c34ccba1168485a7b26fcd5d
.exe windows x86

3bb85935dd89c47b5e23c0d7b9f226e1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEndOfFile
BuildCommDCBAndTimeoutsA
SetUnhandledExceptionFilter
InterlockedIncrement
GetCommState
SetEnvironmentVariableW
OpenSemaphoreA
CallNamedPipeW
_lclose
LocalFlags
FindNextVolumeMountPointA
ReadConsoleW
SetProcessPriorityBoost
GetPriorityClass
GetConsoleMode
GetPrivateProfileStructW
LeaveCriticalSection
TerminateProcess
ReadFile
lstrcatA
_llseek
GetACP
lstrlenW
DisconnectNamedPipe
SetCurrentDirectoryA
GetStdHandle
FreeLibraryAndExitThread
GetCurrentDirectoryW
SetLastError
GetProcAddress
GetTapeStatus
MoveFileW
CopyFileA
LoadLibraryA
LocalAlloc
AddAtomA
EnumDateFormatsA
EnumResourceNamesA
RequestWakeupLatency
lstrcpyW
CopyFileExW
GetBinaryTypeW
CreateMutexW
GetLastError
MoveFileA
HeapAlloc
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
EnterCriticalSection
SetHandleCount
GetFileType
DeleteCriticalSection
HeapFree
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
InterlockedDecrement
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetOEMCP
IsValidCodePage
MultiByteToWideChar
SetFilePointer
GetConsoleCP
GetModuleHandleA
FlushFileBuffers
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CloseHandle
CreateFileA

advapi32

AccessCheck
RevertToSelf

Exports

Exports

_asdga@4
_letter@12
_wedding@4
_weewgg@8
_welcome@4
_yongfeng@4

Sections

.text
Size: 399KB - Virtual size: 398KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3bb85935dd89c47b5e23c0d7b9f226e1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 399KB - Virtual size: 398KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 17KB - Virtual size: 4.0MB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 399KB - Virtual size: 398KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 17KB - Virtual size: 4.0MB

.rsrc
Size: 19KB - Virtual size: 18KB