3690f181ca2fd688504cc33f2570117d78f23f964d4cab989ebcac0b83a2195c

Sharing

Copy URL

Twitter E-mail

General

Target

3690f181ca2fd688504cc33f2570117d78f23f964d4cab989ebcac0b83a2195c
Size

427KB
MD5

6c2dadcb27e4f0a323a90923bd6cf346
SHA1

ddcb0c7a487b62aaa70689f6d245113130f02c7e
SHA256

3690f181ca2fd688504cc33f2570117d78f23f964d4cab989ebcac0b83a2195c
SHA512

6acd99de503fc5d511935e4e6dfc38ea30e29e3bdf333be40248bff6257702d42510dfe3753b9e40015e35d6fcc9bf6e52357bb707653422ae44135c6ff5a855

Score

N/A

Malware Config

Signatures

Files

3690f181ca2fd688504cc33f2570117d78f23f964d4cab989ebcac0b83a2195c
.exe windows x86

2e4a284ea6e619001a2cac8d5bb3278f

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetSystemDefaultLangID
CloseHandle
WriteConsoleW
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
HeapReAlloc
LocalFree
VirtualAllocEx
GetTickCount
GetCurrentProcess
CreateEventA
WaitForSingleObject
GetLastError
GetTempPathW
SetFilePointerEx
GetTempFileNameW
FindNextFileW
FindFirstFileW
FindFirstFileA
SetStdHandle
FindClose
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FreeLibrary
InterlockedExchange
FatalAppExitA
LeaveCriticalSection
EncodePointer
DecodePointer
RaiseException
RtlUnwind
GetCommandLineA
GetStdHandle
WriteFile
GetModuleFileNameW
IsProcessorFeaturePresent
HeapAlloc
HeapFree
InterlockedDecrement
ExitProcess
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
HeapSize
Sleep
SetLastError
InterlockedIncrement
GetCurrentThread
GetCurrentThreadId
GetProcessHeap
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
CreateSemaphoreW
IsDebuggerPresent
OutputDebugStringW
LoadLibraryExW
LoadLibraryW
SetConsoleCtrlHandler
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
EnterCriticalSection
CreateFileW

user32

GetSystemMetrics
GetClipboardFormatNameA
SendMessageA
EnumWindows
GetCursorPos
GetWindowDC
GetDC

advapi32

SetNamedSecurityInfoA
GetNamedSecurityInfoA
SetEntriesInAclA
CryptDeriveKey
ImpersonateLoggedOnUser
ImpersonateAnonymousToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidLengthRequired
GetSidIdentifierAuthority
GetLengthSid
GetAclInformation
DuplicateToken
ConvertStringSidToSidA

oleaut32

VariantInit
VariantChangeType
SysAllocStringLen

wtsapi32

WTSEnumerateSessionsA
WTSEnumerateProcessesA
WTSOpenServerA

Sections

.text
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 211KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e4a284ea6e619001a2cac8d5bb3278f

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

wtsapi32

Sections

.text Size: 174KB - Virtual size: 174KB

.rdata Size: 35KB - Virtual size: 35KB

.data Size: 5KB - Virtual size: 14KB

.rsrc Size: 211KB - Virtual size: 211KB

.text
Size: 174KB - Virtual size: 174KB

.rdata
Size: 35KB - Virtual size: 35KB

.data
Size: 5KB - Virtual size: 14KB

.rsrc
Size: 211KB - Virtual size: 211KB