3393497a21035095223eddda80b66b3c

Sharing

Copy URL

Twitter E-mail

General

Target

3393497a21035095223eddda80b66b3c
Size

665KB
MD5

3393497a21035095223eddda80b66b3c
SHA1

90aaef907a1c64bb9182676468c33caaefe66932
SHA256

100b0b5c3d507f5c5588dd0f920839f3b19bc10556adfbf6bdd19d9c540bfb47
SHA512

fcb12306f2c8393c53d87d16d7b172567bbfbce7eece0eac50315396867facbca22d5ba28baac1abf67ab1addaa4dfbe942e4a0e4703fe1551b9b372d60de4e1
SSDEEP

12288:YskDIEz7nhqOmK9vboLouZUsuwkdNNZ1:YsCFz7nhqOzRSPHydx

Score

N/A

Malware Config

Signatures

Files

3393497a21035095223eddda80b66b3c
.exe windows x86

9be15dbd8c71b70c7f8bc63920782bda

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
MoveFileExW
GetConsoleAliasesLengthA
GetConsoleTitleA
WaitNamedPipeW
InitializeCriticalSection
DeleteVolumeMountPointW
WriteConsoleW
GetMailslotInfo
CreateMailslotW
RaiseException
EnumSystemLocalesA
VerifyVersionInfoW
GetLastError
GetProcAddress
VirtualAlloc
SetStdHandle
EnterCriticalSection
LoadLibraryExW
SetFileAttributesA
GetAtomNameA
LoadLibraryA
LocalAlloc
SetCalendarInfoW
GetFileType
GetDefaultCommConfigA
CreateMutexA
GetStringTypeW
GetConsoleTitleW
GetFileTime
GetVersionExA
GetVolumeNameForVolumeMountPointW
LocalFree
LCMapStringW
CreateThread
GetThreadContext
GetLocaleInfoA
GetComputerNameA
CreateFileA
InterlockedDecrement
Sleep
DeleteCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapFree
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
RtlUnwind
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
GetCPInfo
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
HeapAlloc
HeapCreate
VirtualFree
HeapReAlloc
SetHandleCount
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapSize
SetFilePointer
CloseHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
IsValidLocale
GetStringTypeA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP

user32

MapWindowPoints

gdi32

GetCharWidthFloatA

advapi32

ClearEventLogW

winhttp

WinHttpCloseHandle

Sections

.text
Size: 546KB - Virtual size: 545KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 20.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9be15dbd8c71b70c7f8bc63920782bda

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

winhttp

Sections

.text Size: 546KB - Virtual size: 545KB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 33KB - Virtual size: 20.8MB

.rsrc Size: 63KB - Virtual size: 62KB

.text
Size: 546KB - Virtual size: 545KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 33KB - Virtual size: 20.8MB

.rsrc
Size: 63KB - Virtual size: 62KB