0ff506dc51126a4c89c4a8e435b09f2a6e0811df95b922898ccbe8c9ac7f2706

Sharing

Copy URL

Twitter E-mail

General

Target

0ff506dc51126a4c89c4a8e435b09f2a6e0811df95b922898ccbe8c9ac7f2706
Size

266KB
MD5

8a04926cc8b9bb02b39a24133445a1cd
SHA1

89b08d47b58000b4124e89160acb44115368c377
SHA256

0ff506dc51126a4c89c4a8e435b09f2a6e0811df95b922898ccbe8c9ac7f2706
SHA512

63b3c61719b7fadea5f3eccc1dca87825b8d1d74a14f01fc39d50c6690842f3c1e24f334e9110b720c6e32db21f46daae5514d77d8221961bde5146a302acfac

Score

N/A

Malware Config

Signatures

Files

0ff506dc51126a4c89c4a8e435b09f2a6e0811df95b922898ccbe8c9ac7f2706
.exe windows x64

b0eb0555bb7d477c275cb6d03ee4a85e

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

VirtualAlloc
WriteFileGather
FindResourceA
GetProcAddress
GetModuleHandleExA
SetFileAttributesA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CloseHandle
SetFilePointer
GetCurrentProcess
FlushFileBuffers
GetConsoleMode
GetConsoleCP
InitializeCriticalSection
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
ReadFile
VirtualAllocExNuma
RaiseException
RtlPcToFileHeader
HeapAlloc
RtlLookupFunctionEntry
RtlUnwindEx
GetCommandLineA
GetStartupInfoA
GetLastError
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
HeapSetInformation
HeapCreate
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
HeapSize
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
GetLocaleInfoW
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
CreateFileA

user32

LoadIconA
LoadCursorA
RegisterClassA
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
ShowWindow
PostQuitMessage
GetSystemMenu
AppendMenuA
CreateWindowExA
DefWindowProcA
GetDlgItemTextA
SetWindowTextA
FindWindowA
DialogBoxParamA
DestroyWindow
SetDlgItemTextA

gdi32

GetStockObject

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0eb0555bb7d477c275cb6d03ee4a85e

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 7KB - Virtual size: 15KB

.pdata Size: 5KB - Virtual size: 5KB

.rsrc Size: 146KB - Virtual size: 146KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 7KB - Virtual size: 15KB

.pdata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 146KB - Virtual size: 146KB