d427663fedfee334210eb15278b4692397bba0a7e9f26482a13850049e723a59

Sharing

Copy URL

Twitter E-mail

General

Target

d427663fedfee334210eb15278b4692397bba0a7e9f26482a13850049e723a59
Size

140KB
MD5

14a9adc57e334f3cb9a849346d8679b2
SHA1

aaaf140bfc1e01832895ec2a393906c982775e67
SHA256

d427663fedfee334210eb15278b4692397bba0a7e9f26482a13850049e723a59
SHA512

c170848dd097d09bf831db8835992d886c30049dfac619c139de4b48ef503f278a86796bb26b17fcb3cc850d41fe584b0b864a1c4b7595d8b0468156cc5ab6de
SSDEEP

1536:nCsCUx8I++6+XjoAOvsbXkG5JP6VvqmhFR1t122coSBbauw:n5w+so5JP6VvqmhFRP0Lau

Score

N/A

Malware Config

Signatures

Files

d427663fedfee334210eb15278b4692397bba0a7e9f26482a13850049e723a59
.exe windows x86

3555f5e25363390a796f1413e79b7efe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleA
InterlockedDecrement
ZombifyActCtx
HeapFree
InterlockedCompareExchange
SetTapeParameters
GetModuleHandleW
GenerateConsoleCtrlEvent
GetProcessHeap
WriteFile
FindActCtxSectionStringA
GetEnvironmentStrings
ActivateActCtx
GetConsoleCP
FreeConsole
GetGeoInfoA
lstrcatA
lstrlenW
ReleaseActCtx
GetProcAddress
AttachConsole
GetProcessHeaps
VerLanguageNameA
HeapUnlock
ResetEvent
LocalAlloc
HeapLock
GetOEMCP
RequestDeviceWakeup
GetConsoleTitleW
DeleteCriticalSection
ReadConsoleInputW
lstrcpyA
BuildCommDCBAndTimeoutsA
AllocConsole
HeapReAlloc
HeapAlloc
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapCreate
Sleep
ExitProcess
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
SetFilePointer
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
CloseHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetCPInfo
GetACP
IsValidCodePage
SetStdHandle
GetConsoleMode
FlushFileBuffers
HeapSize
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA

gdi32

GetCharWidthFloatA

advapi32

RegQueryValueExA
BackupEventLogW

winhttp

WinHttpCloseHandle

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 5.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3555f5e25363390a796f1413e79b7efe

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

advapi32

winhttp

Sections

.text Size: 57KB - Virtual size: 56KB

.data Size: 53KB - Virtual size: 5.4MB

.rsrc Size: 29KB - Virtual size: 28KB

.text
Size: 57KB - Virtual size: 56KB

.data
Size: 53KB - Virtual size: 5.4MB

.rsrc
Size: 29KB - Virtual size: 28KB