d26e2244a2a005c189d21ca475eac4c6[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

d26e2244a2a005c189d21ca475eac4c6.exe
Size

328KB
MD5

d26e2244a2a005c189d21ca475eac4c6
SHA1

bd635131d5ad18ea4c3c01d931f393d1ca278aa3
SHA256

ab1843bda7f0e7259d81c8fbd1ac689e69eb9219908410af0723621ccf88bd6c
SHA512

6aa7b1b67b70a3cd21fb4667ebf3a8ccce7be69a0fe7e581f630afaee3518e3ae05108b1e0c86a7bef99ca60093c2b0452cb8119d8187a9be5df9dce7fe0c2e6
SSDEEP

6144:hTdDRwsACjrk8zrjrG/UjS+q1TlDrimY1XfLfCHxLr:BdNmEAqrj8UjSP15D8hDCx

Score

N/A

Malware Config

Signatures

Files

d26e2244a2a005c189d21ca475eac4c6.exe
.exe windows x86

7435d26c0c13d1849943ee53652747f4

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapLock
CreateNamedPipeW
GetExitCodeProcess
DeactivateActCtx
GetVersionExW
GetConsoleCP
GetConsoleAliasesLengthA
GetDefaultCommConfigA
FindFirstFileExA
GetDriveTypeW
FreeEnvironmentStringsW
GetProcessPriorityBoost
SetVolumeMountPointA
SetCurrentDirectoryW
GetLongPathNameA
CopyFileW
TlsGetValue
LoadResource
SetComputerNameExW
SystemTimeToTzSpecificLocalTime
FindAtomA
ReleaseSemaphore
CallNamedPipeW
CreateMailslotW
BuildCommDCBAndTimeoutsA
VirtualProtect
LoadLibraryA
GlobalAlloc
TryEnterCriticalSection
GetCommandLineA
InterlockedDecrement
GetCalendarInfoA
DeleteFileA
CreateActCtxW
OutputDebugStringA
SetSystemTimeAdjustment
SetPriorityClass
WritePrivateProfileStringW
GetProcessHeaps
GlobalUnWire
GetProcessHeap
GetStartupInfoW
GetDiskFreeSpaceExW
GetCPInfoExW
GetWindowsDirectoryA
GetSystemWow64DirectoryW
GetLastError
GetProfileStringA
WriteProfileSectionA
GetProfileStringW
GetConsoleCursorInfo
SetLastError
DeleteVolumeMountPointW
DebugBreak
GetPrivateProfileSectionW
lstrcmpA
ReadFileScatter
SetConsoleMode
GetSystemWindowsDirectoryA
TerminateProcess
GlobalFindAtomW
FindCloseChangeNotification
SetTapeParameters
SetMailslotInfo
InterlockedExchange
DefineDosDeviceA
FindVolumeMountPointClose
EndUpdateResourceW
WriteConsoleA
GetSystemTimeAdjustment
GetPrivateProfileSectionA
WritePrivateProfileSectionA
GetPrivateProfileStructW
GetDriveTypeA
GetFileAttributesExA
FileTimeToLocalFileTime
MoveFileA
GetVolumePathNameW
HeapUnlock
lstrcmpW
SetDefaultCommConfigA
FindActCtxSectionGuid
SetThreadContext
MoveFileExW
GlobalUnlock
UnregisterWait
BuildCommDCBA
GlobalDeleteAtom
OpenEventW
TransmitCommChar
WaitNamedPipeA
GetPrivateProfileSectionNamesW
FindResourceExW
GetLocalTime
SetLocalTime
OpenSemaphoreA
GetProcAddress
SetFileShortNameW
lstrcpyW
VerLanguageNameW
GetThreadSelectorEntry
SetSystemTime
SetConsoleCP
GetConsoleAliasW
FlushConsoleInputBuffer
AllocConsole
GetAtomNameW
WriteConsoleInputA
TransactNamedPipe
GetCommState
LockFile
_lopen
GetConsoleAliasExesLengthA
GetWriteWatch
GetConsoleOutputCP
GetModuleHandleA
WriteConsoleOutputCharacterW
EnumDateFormatsW
HeapReAlloc
GetCommMask
SetFilePointer
FindClose
SetFileApisToANSI
CancelWaitableTimer
GetProcessHandleCount
GetCurrentProcessId
SetNamedPipeHandleState
GetCompressedFileSizeA
FindNextVolumeMountPointW
GetFullPathNameA
WriteProfileStringW
DeleteAtom
GlobalAddAtomA
AssignProcessToJobObject
QueryDosDeviceW
InitializeCriticalSection
SetFirmwareEnvironmentVariableW
GetBinaryTypeA
CreateIoCompletionPort
InterlockedIncrement
Sleep
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RaiseException
RtlUnwind
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
GetStartupInfoA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetCPInfo
HeapValidate
IsBadReadPtr
GetModuleHandleW
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
GetStdHandle
WriteFile
WriteConsoleW
GetFileType
OutputDebugStringW
ExitProcess
LoadLibraryW
GetModuleFileNameA
SetHandleCount
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapFree
VirtualFree
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
HeapAlloc
HeapSize
VirtualAlloc
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
FlushFileBuffers
GetConsoleMode
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
SetStdHandle
CloseHandle
CreateFileA

user32

OemToCharW

Sections

.text
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tipa
Size: 512B - Virtual size: 5B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7435d26c0c13d1849943ee53652747f4

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 204KB - Virtual size: 204KB

.data Size: 67KB - Virtual size: 1.6MB

.tipa Size: 512B - Virtual size: 5B

.rsrc Size: 35KB - Virtual size: 35KB

.reloc Size: 19KB - Virtual size: 19KB

.text
Size: 204KB - Virtual size: 204KB

.data
Size: 67KB - Virtual size: 1.6MB

.tipa
Size: 512B - Virtual size: 5B

.rsrc
Size: 35KB - Virtual size: 35KB

.reloc
Size: 19KB - Virtual size: 19KB