c96688a678ac5a40275ad9e295427f0b621b1b429e56cd4d6a379e7e089e6cd4

Sharing

Copy URL

Twitter E-mail

General

Target

c96688a678ac5a40275ad9e295427f0b621b1b429e56cd4d6a379e7e089e6cd4
Size

502KB
MD5

ce88367155686290e9bfb1d3eeaffa9f
SHA1

afb8b458d1bcc2766c55da20092c40d1188d863a
SHA256

c96688a678ac5a40275ad9e295427f0b621b1b429e56cd4d6a379e7e089e6cd4
SHA512

7ad0f0ce9e94e404cc0835d7e7362a16f2c6622d175068099850232931f3b33fa6148ab4666303f30291fafe25a2d77381b04a116929f5161133d8dba6666399
SSDEEP

12288:b3Rg/H+xhtt17TpvxOmL0GOgu20AUFaer2gO8hFv:bm/exHt1ZnLWgudF2gO8h

Score

N/A

Malware Config

Signatures

Files

c96688a678ac5a40275ad9e295427f0b621b1b429e56cd4d6a379e7e089e6cd4
.exe windows x86

841fc5786c23710527679dc6cf9e5dc4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CommConfigDialogA
HeapAlloc
EndUpdateResourceW
GetCurrentProcess
SetEvent
GetTickCount
GetConsoleTitleA
WriteFile
FindResourceExA
GetConsoleCP
SetFileShortNameW
Sleep
PulseEvent
GetFileAttributesW
lstrlenW
GetProcAddress
HeapUnlock
LoadLibraryA
SetConsoleWindowInfo
WaitForMultipleObjects
GetModuleFileNameA
SetConsoleTitleW
GetModuleHandleA
DeleteCriticalSection
GetCurrentProcessId
GetPrivateProfileSectionW
FindActCtxSectionStringW
LocalUnlock
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
MultiByteToWideChar
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
HeapFree
TerminateProcess
IsDebuggerPresent
GetModuleHandleW
ExitProcess
GetCommandLineA
GetStartupInfoA
GetCPInfo
RtlUnwind
RaiseException
LCMapStringW
LCMapStringA
GetStringTypeW
GetStdHandle
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
CloseHandle
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetStringTypeA
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
SetStdHandle
GetConsoleMode
FlushFileBuffers
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA

advapi32

ReportEventA

winhttp

WinHttpCloseHandle

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 335KB - Virtual size: 8.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wuce
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zojimu
Size: 1024B - Virtual size: 626B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sucit
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

841fc5786c23710527679dc6cf9e5dc4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

winhttp

Sections

.text Size: 91KB - Virtual size: 91KB

.data Size: 335KB - Virtual size: 8.2MB

.wuce Size: 27KB - Virtual size: 28KB

.zojimu Size: 1024B - Virtual size: 626B

.sucit Size: 1024B - Virtual size: 963B

.rsrc Size: 45KB - Virtual size: 44KB

.text
Size: 91KB - Virtual size: 91KB

.data
Size: 335KB - Virtual size: 8.2MB

.wuce
Size: 27KB - Virtual size: 28KB

.zojimu
Size: 1024B - Virtual size: 626B

.sucit
Size: 1024B - Virtual size: 963B

.rsrc
Size: 45KB - Virtual size: 44KB