5e27c0fcfbf3bbabdcac743b1d948f88560cbe30ffb8f45beb062d555fd7c3db

Sharing

Copy URL

Twitter E-mail

General

Target

5e27c0fcfbf3bbabdcac743b1d948f88560cbe30ffb8f45beb062d555fd7c3db
Size

128KB
MD5

8b462afe450df7f333a7da76f731cb62
SHA1

73e532ebfbd033039575b5457ac7023f920741fe
SHA256

5e27c0fcfbf3bbabdcac743b1d948f88560cbe30ffb8f45beb062d555fd7c3db
SHA512

2c4029871f2efa811b4cf17e1b55e273254716c01302de5f1489ec9ecc1342b58de929fac043f4f3b6720c1170c59e549540e626d46087bc687991b98256c3cd
SSDEEP

3072:h8EMLg9Obk8WsyqU1dWGjWXyfRU6pc16:h1MLRbkAyldZ+NZ16

Score

N/A

Malware Config

Signatures

Files

5e27c0fcfbf3bbabdcac743b1d948f88560cbe30ffb8f45beb062d555fd7c3db
.exe windows x86

672ede16a1c897b41b5a51aadbc9bd74

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetDefaultCommConfigA
lstrlenA
WritePrivateProfileStructA
TlsGetValue
SetLocalTime
MoveFileExA
_llseek
GetNumberOfConsoleInputEvents
CallNamedPipeA
DeleteVolumeMountPointA
WriteTapemark
InterlockedIncrement
ReadConsoleA
CompareFileTime
WaitForSingleObject
_lclose
GetModuleHandleW
CreateNamedPipeW
VirtualFree
GetSystemTimeAsFileTime
WriteFile
FindResourceExA
GlobalAlloc
Sleep
LeaveCriticalSection
GetFileAttributesW
IsDBCSLeadByte
GetOverlappedResult
GetACP
DeactivateActCtx
ReleaseActCtx
GetLastError
IsDBCSLeadByteEx
GetProcAddress
GetTapeStatus
SetVolumeLabelA
LocalLock
ReadFileEx
SearchPathA
LoadLibraryA
WriteConsoleA
InterlockedExchangeAdd
SetCalendarInfoW
IsSystemResumeAutomatic
SetConsoleDisplayMode
GetProfileStringA
SetFileApisToANSI
WriteProfileSectionW
GetTapeParameters
SetNamedPipeHandleState
SetSystemTime
EnumDateFormatsA
GetThreadPriority
WaitCommEvent
LoadLibraryExA
ContinueDebugEvent
CreateMutexA
VirtualProtect
PurgeComm
CompareStringA
GetConsoleCursorInfo
ScrollConsoleScreenBufferA
OpenSemaphoreW
GetVersionExA
DeleteFileW
DebugBreak
FindActCtxSectionStringW
lstrcpyW
CopyFileExA
GetPrivateProfileSectionNamesW
BeginUpdateResourceW
GetSystemDefaultLangID
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapFree
RtlUnwind
RaiseException
HeapAlloc
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
ExitProcess
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
HeapSize
VirtualAlloc
HeapReAlloc
GetCPInfo
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
InitializeCriticalSectionAndSpinCount
LCMapStringA
WideCharToMultiByte
LCMapStringW
GetModuleHandleA

gdi32

GetBoundsRect
GetBitmapDimensionEx

Exports

Exports

_geek@8
_gekkko@8

Sections

.text
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 43.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

672ede16a1c897b41b5a51aadbc9bd74

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

Exports

Exports

Sections

.text Size: 83KB - Virtual size: 82KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 6KB - Virtual size: 43.5MB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 83KB - Virtual size: 82KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 6KB - Virtual size: 43.5MB

.rsrc
Size: 17KB - Virtual size: 17KB