e57034ed17a79c4198e23e87bc0100cc3513238d6f9b1e0889522c63800f44ed

Sharing

Copy URL

Twitter E-mail

General

Target

e57034ed17a79c4198e23e87bc0100cc3513238d6f9b1e0889522c63800f44ed
Size

169KB
MD5

900db9b536bab558fef69814e4b9e527
SHA1

06ee45efd3d0276f79acec03dfd153ac75902a19
SHA256

e57034ed17a79c4198e23e87bc0100cc3513238d6f9b1e0889522c63800f44ed
SHA512

3d722dd1d901e3c5881f94e86c754f7af8fa37af2a867e2b1947a3caed106def13ac9d33cb1f70577558322b1b868621647c7199c286d1eaf0ed8be5a8ddbac2
SSDEEP

3072:5PteUdysied42lazu9RLHZq+YeYo8KwmaUJR2:V1IRL2laS9RLHM+YeYoVa/

Score

N/A

Malware Config

Signatures

Files

e57034ed17a79c4198e23e87bc0100cc3513238d6f9b1e0889522c63800f44ed
.exe windows x86

86eaf9bcea3571a6e8c7f6cb25fe1b84

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToDosDateTime
EnumResourceNamesW
lstrlenA
WritePrivateProfileStructA
GetNumberOfConsoleInputEvents
FindResourceExW
CallNamedPipeA
DeleteVolumeMountPointA
InterlockedDecrement
CreateJobObjectW
GetUserDefaultLCID
OpenSemaphoreA
_lclose
GetProcessPriorityBoost
CreateNamedPipeW
GetSystemTimeAsFileTime
ReadConsoleW
TlsSetValue
Sleep
GetVersionExW
WriteConsoleW
IsDBCSLeadByte
SetThreadPriority
GlobalUnlock
DisconnectNamedPipe
DeactivateActCtx
SetCurrentDirectoryA
GetLastError
GetTapeStatus
SetVolumeLabelW
ReadFileEx
EnterCriticalSection
_hwrite
SetFileApisToOEM
GetLocalTime
LoadLibraryA
LocalAlloc
BeginUpdateResourceA
WriteProfileSectionW
GetTapeParameters
WaitForMultipleObjects
GetPrivateProfileSectionNamesA
EnumDateFormatsA
GetModuleHandleA
LoadLibraryExA
GetCommTimeouts
FreeEnvironmentStringsW
VirtualProtect
LocalSize
lstrcpyA
GetCommandLineA
GetStartupInfoA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
HeapSize
ExitProcess
SetUnhandledExceptionFilter
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
HeapReAlloc
VirtualAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
RaiseException

user32

GetCursorPos

Exports

Exports

_geek@8
_gekelberifin@8

Sections

.text
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 11.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86eaf9bcea3571a6e8c7f6cb25fe1b84

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 139KB - Virtual size: 138KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 11.4MB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 139KB - Virtual size: 138KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 11.4MB

.rsrc
Size: 16KB - Virtual size: 15KB