045 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

045
Size

837KB
MD5

ad70462c8ff86b9dce4215dd1e6d5087
SHA1

9bbde2e3086785362f6b52f7e360a57bfe85e70e
SHA256

91ba59c27003543aae7d75591bc24af192510c7c7b8363bc850e84c1e6b71c2f
SHA512

d7701ab223171bc85001d1afd0b28917b0541dc4267b3ae5935254a4a93fefdb835d92f6a1836c4ca598607beb405d288e807cb95fecff0dd35952fce2308595
SSDEEP

12288:91yMk/kcS7MZYyMQMqbI+S0B5GXKRG9ARNFqtkggsUiw/ZBsD+VAt/pXsL:Dyhm7MPdMq0+SG5iORSMivD+V4/pXsL

Score

1^/10

Malware Config

Signatures

Files

045
.exe windows x86

504bef34255b8691aaec7482375c58bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileSectionNamesW
EnumResourceNamesW
SetVolumeLabelA
GetFileSize
GetDriveTypeW
SetEndOfFile
LoadResource
ScrollConsoleScreenBufferW
GetProfileSectionA
WaitForSingleObject
WriteConsoleInputA
AddConsoleAliasW
SetVolumeMountPointW
FindFirstFileExW
GetProcessPriorityBoost
GetTickCount
GetCurrentThread
GetConsoleAliasesLengthA
EnumTimeFormatsW
SetCommState
SetProcessPriorityBoost
TlsSetValue
FindResourceExA
GetPrivateProfileIntA
GetVolumeInformationA
LoadLibraryW
GetConsoleMode
TerminateThread
GetPrivateProfileStructW
GetSystemPowerStatus
GetFileAttributesA
GlobalFlags
SetConsoleCursorPosition
WriteConsoleW
WritePrivateProfileSectionW
IsDBCSLeadByte
GetTimeZoneInformation
lstrlenW
DeactivateActCtx
CreateJobObjectA
FillConsoleOutputCharacterW
GetLastError
SetLastError
GetProcAddress
SetStdHandle
SetComputerNameA
OpenWaitableTimerA
OpenThread
OpenMutexA
LocalAlloc
DeleteTimerQueue
MoveFileA
GetProfileStringA
WriteProfileSectionW
AddAtomA
WaitForMultipleObjects
WTSGetActiveConsoleSessionId
GetThreadPriority
DebugSetProcessKillOnExit
GetModuleHandleA
GetProcessShutdownParameters
RequestWakeupLatency
WaitForDebugEvent
ScrollConsoleScreenBufferA
DuplicateHandle
OpenSemaphoreW
ReleaseMutex
LocalSize
FindAtomW
DebugBreak
ReadConsoleOutputCharacterW
CommConfigDialogW
FlushFileBuffers
CloseHandle
CreateFileW
WideCharToMultiByte
DeleteFileA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
DecodePointer
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
TlsAlloc
TlsGetValue
GetCurrentThreadId
TlsFree
GetModuleHandleW
HeapValidate
IsBadReadPtr
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
HeapCreate
WriteFile
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
OutputDebugStringW
RtlUnwind
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapAlloc
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
RaiseException
SetFilePointer
GetConsoleCP

user32

GetAncestor
GetListBoxInfo

Exports

Exports

_CallPattern@8
_futurama@4
_go@4
_hiduk@8

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 600KB - Virtual size: 620KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yeg
Size: 1024B - Virtual size: 741B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

504bef34255b8691aaec7482375c58bb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 128KB - Virtual size: 127KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 600KB - Virtual size: 620KB

.yeg Size: 1024B - Virtual size: 741B

.rsrc Size: 63KB - Virtual size: 62KB

.text
Size: 128KB - Virtual size: 127KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 600KB - Virtual size: 620KB

.yeg
Size: 1024B - Virtual size: 741B

.rsrc
Size: 63KB - Virtual size: 62KB