9a466a44eb186f03b1746905a67fd7574970046fcbda82f2f3e7aa6c6bc092e0

Sharing

Copy URL

Twitter E-mail

General

Target

9a466a44eb186f03b1746905a67fd7574970046fcbda82f2f3e7aa6c6bc092e0
Size

704KB
MD5

c2f3bc01dd2ebb91dfdf7e0f9b95f7e5
SHA1

205dad4ec156c0a7ea3bc38efe92a91aeb7b120d
SHA256

9a466a44eb186f03b1746905a67fd7574970046fcbda82f2f3e7aa6c6bc092e0
SHA512

2bf577384accc61b06d6908fde03537228cff42b0c47ec227ece074294552d5277018a76ee0491011d5d7f38e0aebe05a10f522115c709b6b9c0090bab951c8a
SSDEEP

12288:/WqucbGcDjff1KVl6u0yBAYmagT+1+5+bwxN6Zunnn7s:5bDYVYuPAYm/618+EOyA

Score

N/A

Malware Config

Signatures

Files

9a466a44eb186f03b1746905a67fd7574970046fcbda82f2f3e7aa6c6bc092e0
.exe windows x86

b06f69f2ace0672ee0c98e4ea7cda9ac

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapUserPhysicalPages
LoadResource
EndUpdateResourceW
WaitForSingleObject
WriteConsoleInputA
GetConsoleAliasesA
ConvertFiberToThread
GlobalAlloc
GetLocaleInfoW
GetProcessHandleCount
GetVersionExW
HeapValidate
FileTimeToSystemTime
FreeLibraryAndExitThread
GetHandleInformation
GetLongPathNameW
GetProcAddress
VirtualAlloc
LoadLibraryA
CreateHardLinkW
WaitForMultipleObjects
QueueUserWorkItem
GetConsoleSelectionInfo
GetWriteWatch
PulseEvent
MultiByteToWideChar
GetModuleHandleW
Sleep
ExitProcess
GetStartupInfoW
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
GetLastError
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
WriteFile
GetStdHandle
GetModuleFileNameA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapReAlloc
LCMapStringA
WideCharToMultiByte
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize

user32

SetCaretPos

advapi32

BackupEventLogW

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 499KB - Virtual size: 39.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kixil
Size: 1024B - Virtual size: 626B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xoc
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.mahirin
Size: 512B - Virtual size: 23B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b06f69f2ace0672ee0c98e4ea7cda9ac

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 26KB - Virtual size: 26KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 499KB - Virtual size: 39.7MB

.kixil Size: 1024B - Virtual size: 626B

.xoc Size: 1024B - Virtual size: 624B

.mahirin Size: 512B - Virtual size: 23B

.rsrc Size: 145KB - Virtual size: 145KB

.text
Size: 26KB - Virtual size: 26KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 499KB - Virtual size: 39.7MB

.kixil
Size: 1024B - Virtual size: 626B

.xoc
Size: 1024B - Virtual size: 624B

.mahirin
Size: 512B - Virtual size: 23B

.rsrc
Size: 145KB - Virtual size: 145KB