013ed964d37e80ee700dd98ba83bc25692ee92b4895b92eed17c4ef5359432f8

Sharing

Copy URL

Twitter E-mail

General

Target

013ed964d37e80ee700dd98ba83bc25692ee92b4895b92eed17c4ef5359432f8
Size

955KB
MD5

13694c1e016d5a35d902070111f63d18
SHA1

8a7de1581df4a927a1b5144af9d590750649aa2c
SHA256

013ed964d37e80ee700dd98ba83bc25692ee92b4895b92eed17c4ef5359432f8
SHA512

5ddc6f8a61d0879a337f6eb751cfdf8965ba6efcc59abb1fe84f5a304588e0738be214c76dbf6d565d72ec00b8ae398c62f1492a66510926d452c1eca16e6b89
SSDEEP

24576:nnrmNg9r6EAsSDBpvEwL55pkRT8cDbhvKyew4:n39r6/DjlL55rcHE5w4

Score

N/A

Malware Config

Signatures

Files

013ed964d37e80ee700dd98ba83bc25692ee92b4895b92eed17c4ef5359432f8
.exe windows x86

10080279f86c8f524876f5bf41c92c73

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetAtomNameW
GlobalUnfix
GetLastError
GetProcAddress
WritePrivateProfileStringA
GetModuleHandleA
GetProcessShutdownParameters
LCMapStringW
GlobalAlloc
GetTickCount
FindFirstFileExW
GetCurrentProcess
InterlockedIncrement
HeapAlloc
GetLocaleInfoA
lstrlenA
FindResourceA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapFree
Sleep
RtlUnwind
HeapSize
MultiByteToWideChar
GetStringTypeW
HeapReAlloc
IsProcessorFeaturePresent

advapi32

CloseEventLog
RegSetValueExW
SetSecurityDescriptorSacl
FreeSid
NotifyChangeEventLog

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 879KB - Virtual size: 42.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10080279f86c8f524876f5bf41c92c73

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 29KB - Virtual size: 29KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 879KB - Virtual size: 42.6MB

.tls Size: 4KB - Virtual size: 4KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 29KB - Virtual size: 29KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 879KB - Virtual size: 42.6MB

.tls
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 32KB - Virtual size: 32KB