07102023_0018_samples_part00[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

07102023_0018_samples_part00.zip
Size

977KB
MD5

ecb738c4f41d6f6b12f86b1e306b56f3
SHA1

688ff5a40ebb1fa1cd1376a824fc3822ba55a2f3
SHA256

8f675837c33e2468895b407339c717969690d15ec4263d219065dc696b8b84d9
SHA512

f741401ff5d45c75d9e188e28810811765a17292227ba6d2040b4b3b5eab5b5c75c3f33fb176629e6e6c72c8c9d992dcd33d5b3af848732491c2ca771cc1c3d0
SSDEEP

24576:GvJe/nCFlhLMQpLJrZkFJaREel6lh5s+pj15AyDyS:sAElNfpUF4D0l/pp4ymS

Score

3^/10

Malware Config

Signatures

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack002/6c9e296c4a6cff130d465fd3a7eb2dc8b464b47303f22610dbc37bdd2939fc17.bin
unpack002/a327ba259ded1cd60cc5ac3d2be441a915c0f6467684ca6879f47178e4587e62.bin
unpack002/aba3a554254a73ef313d54fc078ce5174127614265c962a14443daf6161142b1.bin
unpack001/6c9e296c4a6cff130d465fd3a7eb2dc8b464b47303f22610dbc37bdd2939fc17.bin
unpack001/a327ba259ded1cd60cc5ac3d2be441a915c0f6467684ca6879f47178e4587e62.bin
unpack001/aba3a554254a73ef313d54fc078ce5174127614265c962a14443daf6161142b1.bin

Files

07102023_0018_samples_part00.zip
.zip
07102023_0013_samples_part00.zip
.zip
6c9e296c4a6cff130d465fd3a7eb2dc8b464b47303f22610dbc37bdd2939fc17.bin
.exe windows:5 windows x86

83e69607867f7fb532446fb6de8bb0a0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeNameForVolumeMountPointA
SetLocaleInfoA
EnumCalendarInfoA
WriteConsoleInputW
CopyFileExW
GetModuleHandleExA
RtlCaptureContext
GetStringTypeA
SetLocalTime
BuildCommDCBAndTimeoutsA
CallNamedPipeA
SetUnhandledExceptionFilter
EnumCalendarInfoW
GetEnvironmentStringsW
InterlockedCompareExchange
WriteConsoleInputA
GetCommProperties
BackupSeek
GetModuleHandleW
SetFileTime
GetWindowsDirectoryA
WaitNamedPipeW
GetDateFormatA
EnumResourceTypesA
GetDriveTypeA
GetSystemDirectoryW
GlobalFindAtomA
ReadFileScatter
GetVersionExW
GetFileAttributesA
GlobalFlags
DnsHostnameToComputerNameW
GetComputerNameExA
GetConsoleAliasW
GetTapePosition
lstrcmpW
DeactivateActCtx
GetConsoleOutputCP
GetProcAddress
RemoveDirectoryA
ResetEvent
LoadLibraryA
OpenMutexA
LocalAlloc
SetCalendarInfoW
GetFileType
GlobalGetAtomNameW
GetModuleFileNameA
FindFirstVolumeMountPointA
GetModuleHandleA
CreateMutexA
FindNextFileW
RequestWakeupLatency
GetCurrentThreadId
DeleteFileW
FindActCtxSectionStringW
FindNextVolumeA
EnumSystemLocalesA
GetLocaleInfoA
GetLastError
HeapFree
DeleteFileA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapCreate
HeapDestroy
EnterCriticalSection
LeaveCriticalSection
DecodePointer
UnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
WideCharToMultiByte
SetHandleCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryW
GetLocaleInfoW
HeapAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringW
MultiByteToWideChar
GetStringTypeW
SetFilePointer
IsProcessorFeaturePresent
HeapSize
CloseHandle
WriteConsoleW
SetStdHandle
CreateFileW
GetUserDefaultLCID
IsValidLocale

user32

GetMenu

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
a327ba259ded1cd60cc5ac3d2be441a915c0f6467684ca6879f47178e4587e62.bin
.exe windows:5 windows x86

65e26f7361921acdd644477d2064c736

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleAliasExesLengthA
BuildCommDCBAndTimeoutsA
SetUnhandledExceptionFilter
EnumCalendarInfoW
GetConsoleAliasA
GetCurrentProcess
GetNamedPipeHandleStateA
GetModuleHandleExW
GetUserDefaultLCID
InterlockedCompareExchange
WriteConsoleInputA
SetEvent
FreeEnvironmentStringsA
GetModuleHandleW
CreateRemoteThread
WaitNamedPipeW
AllocateUserPhysicalPages
GetEnvironmentStrings
GlobalAlloc
WideCharToMultiByte
GlobalFindAtomA
GetConsoleMode
GetVersionExW
GetFileAttributesA
DnsHostnameToComputerNameW
GetComputerNameExA
FindNextVolumeW
GetModuleFileNameW
lstrcmpW
GetDriveTypeW
FindNextVolumeMountPointW
GetConsoleOutputCP
GetLastError
BackupRead
GetProcAddress
GlobalGetAtomNameA
PrepareTape
LoadLibraryA
OpenMutexA
SetCalendarInfoW
RemoveDirectoryW
SetCommMask
RtlCaptureStackBackTrace
GetPrivateProfileStructA
GetTapeParameters
EnumResourceTypesW
FindNextFileA
SetConsoleCursorInfo
GetModuleHandleA
CreateMutexA
CreateMailslotA
RequestWakeupLatency
GetDiskFreeSpaceExA
DeleteFileW
GetFileInformationByHandle
FindActCtxSectionStringW
EnumSystemLocalesW
CreateFileW
WriteConsoleW
GetVolumePathNameA
GetStringTypeA
FlushFileBuffers
SetStdHandle
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
HeapAlloc
DeleteFileA
HeapReAlloc
ExitProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
RtlUnwind
LCMapStringW
MultiByteToWideChar
GetCPInfo
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
IsProcessorFeaturePresent
HeapCreate
HeapDestroy
WriteFile
GetStdHandle
SetFilePointer
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
FatalAppExitA
SetConsoleCtrlHandler
FreeLibrary
LoadLibraryW
GetLocaleInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
GetConsoleCP
CloseHandle

user32

GetMenu

advapi32

ReportEventW

winhttp

WinHttpSetOption

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
aba3a554254a73ef313d54fc078ce5174127614265c962a14443daf6161142b1.bin
.exe windows:5 windows x86

2f4e6a9c8ec2d84a54182c7b9fa1cc58

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindCloseChangeNotification
CreateHardLinkA
CallNamedPipeW
GetCommConfig
GetConsoleAliasesA
GetWindowsDirectoryA
FindResourceExA
GlobalAlloc
LoadLibraryW
CreateEventA
GetConsoleAliasExesLengthW
GetStringTypeExW
GetExitCodeProcess
lstrcpynW
EnumSystemCodePagesA
GetFileAttributesW
LocalReAlloc
WriteConsoleW
GetBinaryTypeA
MultiByteToWideChar
GetProcAddress
VirtualAlloc
GetFileType
WriteProfileSectionW
FreeEnvironmentStringsW
GetPrivateProfileSectionA
GetStringTypeW
EnumDateFormatsW
FindAtomW
DeleteTimerQueueTimer
OpenFileMappingA
LCMapStringW
GlobalAddAtomA
OpenJobObjectA
SetLastError
GetStartupInfoW
HeapAlloc
GetLastError
HeapFree
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
Sleep
HeapSize
ExitProcess
SetUnhandledExceptionFilter
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
DeleteCriticalSection
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetModuleHandleA
LCMapStringA
WideCharToMultiByte
GetStringTypeA
GetLocaleInfoA

user32

NotifyWinEvent
LoadMenuW
GetMenuInfo
ValidateRect
ArrangeIconicWindows

gdi32

GetGlyphIndicesA

advapi32

MapGenericMask

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 188KB - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tiv
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
6c9e296c4a6cff130d465fd3a7eb2dc8b464b47303f22610dbc37bdd2939fc17.bin
.exe windows:5 windows x86

83e69607867f7fb532446fb6de8bb0a0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeNameForVolumeMountPointA
SetLocaleInfoA
EnumCalendarInfoA
WriteConsoleInputW
CopyFileExW
GetModuleHandleExA
RtlCaptureContext
GetStringTypeA
SetLocalTime
BuildCommDCBAndTimeoutsA
CallNamedPipeA
SetUnhandledExceptionFilter
EnumCalendarInfoW
GetEnvironmentStringsW
InterlockedCompareExchange
WriteConsoleInputA
GetCommProperties
BackupSeek
GetModuleHandleW
SetFileTime
GetWindowsDirectoryA
WaitNamedPipeW
GetDateFormatA
EnumResourceTypesA
GetDriveTypeA
GetSystemDirectoryW
GlobalFindAtomA
ReadFileScatter
GetVersionExW
GetFileAttributesA
GlobalFlags
DnsHostnameToComputerNameW
GetComputerNameExA
GetConsoleAliasW
GetTapePosition
lstrcmpW
DeactivateActCtx
GetConsoleOutputCP
GetProcAddress
RemoveDirectoryA
ResetEvent
LoadLibraryA
OpenMutexA
LocalAlloc
SetCalendarInfoW
GetFileType
GlobalGetAtomNameW
GetModuleFileNameA
FindFirstVolumeMountPointA
GetModuleHandleA
CreateMutexA
FindNextFileW
RequestWakeupLatency
GetCurrentThreadId
DeleteFileW
FindActCtxSectionStringW
FindNextVolumeA
EnumSystemLocalesA
GetLocaleInfoA
GetLastError
HeapFree
DeleteFileA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapCreate
HeapDestroy
EnterCriticalSection
LeaveCriticalSection
DecodePointer
UnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
WideCharToMultiByte
SetHandleCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryW
GetLocaleInfoW
HeapAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringW
MultiByteToWideChar
GetStringTypeW
SetFilePointer
IsProcessorFeaturePresent
HeapSize
CloseHandle
WriteConsoleW
SetStdHandle
CreateFileW
GetUserDefaultLCID
IsValidLocale

user32

GetMenu

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
a327ba259ded1cd60cc5ac3d2be441a915c0f6467684ca6879f47178e4587e62.bin
.exe windows:5 windows x86

65e26f7361921acdd644477d2064c736

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleAliasExesLengthA
BuildCommDCBAndTimeoutsA
SetUnhandledExceptionFilter
EnumCalendarInfoW
GetConsoleAliasA
GetCurrentProcess
GetNamedPipeHandleStateA
GetModuleHandleExW
GetUserDefaultLCID
InterlockedCompareExchange
WriteConsoleInputA
SetEvent
FreeEnvironmentStringsA
GetModuleHandleW
CreateRemoteThread
WaitNamedPipeW
AllocateUserPhysicalPages
GetEnvironmentStrings
GlobalAlloc
WideCharToMultiByte
GlobalFindAtomA
GetConsoleMode
GetVersionExW
GetFileAttributesA
DnsHostnameToComputerNameW
GetComputerNameExA
FindNextVolumeW
GetModuleFileNameW
lstrcmpW
GetDriveTypeW
FindNextVolumeMountPointW
GetConsoleOutputCP
GetLastError
BackupRead
GetProcAddress
GlobalGetAtomNameA
PrepareTape
LoadLibraryA
OpenMutexA
SetCalendarInfoW
RemoveDirectoryW
SetCommMask
RtlCaptureStackBackTrace
GetPrivateProfileStructA
GetTapeParameters
EnumResourceTypesW
FindNextFileA
SetConsoleCursorInfo
GetModuleHandleA
CreateMutexA
CreateMailslotA
RequestWakeupLatency
GetDiskFreeSpaceExA
DeleteFileW
GetFileInformationByHandle
FindActCtxSectionStringW
EnumSystemLocalesW
CreateFileW
WriteConsoleW
GetVolumePathNameA
GetStringTypeA
FlushFileBuffers
SetStdHandle
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
HeapAlloc
DeleteFileA
HeapReAlloc
ExitProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
RtlUnwind
LCMapStringW
MultiByteToWideChar
GetCPInfo
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
IsProcessorFeaturePresent
HeapCreate
HeapDestroy
WriteFile
GetStdHandle
SetFilePointer
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
FatalAppExitA
SetConsoleCtrlHandler
FreeLibrary
LoadLibraryW
GetLocaleInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
GetConsoleCP
CloseHandle

user32

GetMenu

advapi32

ReportEventW

winhttp

WinHttpSetOption

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
aba3a554254a73ef313d54fc078ce5174127614265c962a14443daf6161142b1.bin
.exe windows:5 windows x86

2f4e6a9c8ec2d84a54182c7b9fa1cc58

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindCloseChangeNotification
CreateHardLinkA
CallNamedPipeW
GetCommConfig
GetConsoleAliasesA
GetWindowsDirectoryA
FindResourceExA
GlobalAlloc
LoadLibraryW
CreateEventA
GetConsoleAliasExesLengthW
GetStringTypeExW
GetExitCodeProcess
lstrcpynW
EnumSystemCodePagesA
GetFileAttributesW
LocalReAlloc
WriteConsoleW
GetBinaryTypeA
MultiByteToWideChar
GetProcAddress
VirtualAlloc
GetFileType
WriteProfileSectionW
FreeEnvironmentStringsW
GetPrivateProfileSectionA
GetStringTypeW
EnumDateFormatsW
FindAtomW
DeleteTimerQueueTimer
OpenFileMappingA
LCMapStringW
GlobalAddAtomA
OpenJobObjectA
SetLastError
GetStartupInfoW
HeapAlloc
GetLastError
HeapFree
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
Sleep
HeapSize
ExitProcess
SetUnhandledExceptionFilter
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
DeleteCriticalSection
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetModuleHandleA
LCMapStringA
WideCharToMultiByte
GetStringTypeA
GetLocaleInfoA

user32

NotifyWinEvent
LoadMenuW
GetMenuInfo
ValidateRect
ArrangeIconicWindows

gdi32

GetGlyphIndicesA

advapi32

MapGenericMask

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 188KB - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tiv
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83e69607867f7fb532446fb6de8bb0a0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 85KB - Virtual size: 85KB

.data Size: 87KB - Virtual size: 3.8MB

.rsrc Size: 63KB - Virtual size: 63KB

65e26f7361921acdd644477d2064c736

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

winhttp

Sections

.text Size: 147KB - Virtual size: 146KB

.data Size: 98KB - Virtual size: 3.7MB

.rsrc Size: 104KB - Virtual size: 103KB

2f4e6a9c8ec2d84a54182c7b9fa1cc58

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 58KB - Virtual size: 58KB

.data Size: 188KB - Virtual size: 4.2MB

.tiv Size: 1024B - Virtual size: 1024B

.rsrc Size: 75KB - Virtual size: 74KB

.reloc Size: 16KB - Virtual size: 15KB

83e69607867f7fb532446fb6de8bb0a0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 85KB - Virtual size: 85KB

.data Size: 87KB - Virtual size: 3.8MB

.rsrc Size: 63KB - Virtual size: 63KB

65e26f7361921acdd644477d2064c736

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

winhttp

Sections

.text Size: 147KB - Virtual size: 146KB

.data Size: 98KB - Virtual size: 3.7MB

.rsrc Size: 104KB - Virtual size: 103KB

2f4e6a9c8ec2d84a54182c7b9fa1cc58

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 58KB - Virtual size: 58KB

.data Size: 188KB - Virtual size: 4.2MB

.text
Size: 85KB - Virtual size: 85KB

.data
Size: 87KB - Virtual size: 3.8MB

.rsrc
Size: 63KB - Virtual size: 63KB

.text
Size: 147KB - Virtual size: 146KB

.data
Size: 98KB - Virtual size: 3.7MB

.rsrc
Size: 104KB - Virtual size: 103KB

.text
Size: 58KB - Virtual size: 58KB

.data
Size: 188KB - Virtual size: 4.2MB

.tiv
Size: 1024B - Virtual size: 1024B

.rsrc
Size: 75KB - Virtual size: 74KB

.reloc
Size: 16KB - Virtual size: 15KB

.text
Size: 85KB - Virtual size: 85KB

.data
Size: 87KB - Virtual size: 3.8MB

.rsrc
Size: 63KB - Virtual size: 63KB

.text
Size: 147KB - Virtual size: 146KB

.data
Size: 98KB - Virtual size: 3.7MB

.rsrc
Size: 104KB - Virtual size: 103KB

.text
Size: 58KB - Virtual size: 58KB

.data
Size: 188KB - Virtual size: 4.2MB

.tiv
Size: 1024B - Virtual size: 1024B

.rsrc
Size: 75KB - Virtual size: 74KB

.reloc
Size: 16KB - Virtual size: 15KB