44e31540031873ae386202304a5078b4816bf7e4aa1c7358d6083c07faed8094

Sharing

Copy URL

Twitter E-mail

General

Target

44e31540031873ae386202304a5078b4816bf7e4aa1c7358d6083c07faed8094
Size

269KB
MD5

7990239a18d87a9815b3866323c0b890
SHA1

6070b7dc523937a5ff51ffb7c6dbbf0da72df2bc
SHA256

c437dd6e7c079db628be0eaf74d1e532984529599ea6d6130273112f1470f428
SHA512

e7445658a3e011c4cf5800239f36252079e7cd6c56a901edc13b2006623ce771c2d097225471de6be4587227b92b0bba73959171d7ad97ea3f9e81f086009404
SSDEEP

6144:CuKwvdsjKkmD3AWxCdWeHtaAP0P/9FOqN5DsdOM:vK8q0LCWeHtS/9FD5it

Score

N/A

Malware Config

Signatures

Files

44e31540031873ae386202304a5078b4816bf7e4aa1c7358d6083c07faed8094
.zip
44e31540031873ae386202304a5078b4816bf7e4aa1c7358d6083c07faed8094
.exe windows x86

01964b8ce8a862adba8387753bd05847

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetNamedPipeHandleStateW
DosDateTimeToFileTime
CallNamedPipeA
EnumResourceTypesA
EnumResourceNamesA
TerminateProcess
ReleaseActCtx
GetConsoleAliasesLengthA
GetVersionExA
GetConsoleOutputCP
GetDefaultCommConfigW
GetCommConfig
GetDriveTypeA
FreeEnvironmentStringsA
CreateTimerQueue
FindNextVolumeW
LeaveCriticalSection
ReadConsoleInputA
TlsGetValue
SetComputerNameExA
FindAtomA
BuildCommDCBAndTimeoutsA
LoadLibraryA
GlobalAlloc
InitializeCriticalSection
GetCommandLineW
InterlockedIncrement
CopyFileA
ZombifyActCtx
OutputDebugStringW
FormatMessageA
GetPriorityClass
WritePrivateProfileStringA
HeapValidate
ExitThread
GlobalUnfix
GetProcessHeap
GetStartupInfoW
CreatePipe
GetCPInfoExW
GetWindowsDirectoryA
GetSystemWow64DirectoryA
WriteProfileSectionW
GetCalendarInfoW
ResumeThread
SetConsoleCursorInfo
SetLastError
ExitProcess
GetSystemTime
SetLocalTime
EnumCalendarInfoExW
OpenSemaphoreW
DebugActiveProcess
lstrcmpA
GetPrivateProfileSectionNamesA
GetNumberOfConsoleInputEvents
GetProcAddress
HeapLock
FindCloseChangeNotification
CreateActCtxA
GetMailslotInfo
GetPrivateProfileIntW
_lread
InterlockedDecrement
DefineDosDeviceA
SetVolumeMountPointA
EndUpdateResourceA
WriteConsoleA
VirtualProtect
FreeEnvironmentStringsW
SetMailslotInfo
lstrcpyA
VerLanguageNameW
UnlockFile
SetSystemTime
GetFileType
GetConsoleCP
GetConsoleAliasA
GetLargestConsoleWindowSize
GetOverlappedResult
FindAtomW
GetConsoleAliasExesLengthA
WriteConsoleInputA
CreateMailslotA
EnumDateFormatsW
SetCommState
LockFile
_lclose
GetConsoleAliasExesLengthW
ResetWriteWatch
CreateConsoleScreenBuffer
ClearCommBreak
ChangeTimerQueueTimer
HeapSize
MoveFileW
GetConsoleDisplayMode
GetStringTypeA
SetFilePointer
PostQueuedCompletionStatus
SetFileApisToOEM
OpenWaitableTimerW
GetProcessId
GetNamedPipeHandleStateA
FillConsoleOutputCharacterW
FindNextVolumeMountPointA
WriteProfileStringW
AddAtomA
WriteConsoleOutputCharacterW
QueryInformationJobObject
QueryDosDeviceA
EnterCriticalSection
InitAtomTable
VirtualAlloc
GetBinaryTypeA
GetSystemWindowsDirectoryA
GetLastError
CreateFileA
DeleteFileA
RaiseException
IsBadReadPtr
DeleteCriticalSection
GetModuleFileNameW
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
Sleep
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
SetHandleCount
GetStdHandle
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapFree
VirtualFree
GetModuleFileNameA
WriteFile
HeapAlloc
HeapReAlloc
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
RtlUnwind
InitializeCriticalSectionAndSpinCount
DebugBreak
OutputDebugStringA
WriteConsoleW
LoadLibraryW
WideCharToMultiByte
GetConsoleMode
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeW
GetLocaleInfoA
FlushFileBuffers
SetStdHandle
CloseHandle

user32

OemToCharA

advapi32

GetFileSecurityW

winhttp

WinHttpReadData

Sections

.text
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.moc
Size: 512B - Virtual size: 5B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01964b8ce8a862adba8387753bd05847

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

winhttp

Sections

.text Size: 153KB - Virtual size: 152KB

.data Size: 176KB - Virtual size: 329KB

.moc Size: 512B - Virtual size: 5B

.rsrc Size: 33KB - Virtual size: 32KB

.reloc Size: 14KB - Virtual size: 14KB

.text
Size: 153KB - Virtual size: 152KB

.data
Size: 176KB - Virtual size: 329KB

.moc
Size: 512B - Virtual size: 5B

.rsrc
Size: 33KB - Virtual size: 32KB

.reloc
Size: 14KB - Virtual size: 14KB