014cd29999543ef41ee3b37b9c7307d8e2c782111d0b3c9cb0961e88d04921eb

Sharing

Copy URL

Twitter E-mail

General

Target

014cd29999543ef41ee3b37b9c7307d8e2c782111d0b3c9cb0961e88d04921eb
Size

661KB
MD5

5d9028e036648917b4bf2413a516f593
SHA1

dbdabc2417799e6cd1aadfed876dcb2a1c194ccb
SHA256

014cd29999543ef41ee3b37b9c7307d8e2c782111d0b3c9cb0961e88d04921eb
SHA512

8df058884ff3ceaa0f4188ff398a5478a2d70c7ca8247358ce70d01dbab6e5dca674719e4ad7d5b62708efeae3e6cb89931c52f7efa328868e8ce39667985037
SSDEEP

12288:9D9yJQN5jmdm50sd4FQHzm1uflE/hBLvrrcwD4W3KM81KrQsTTpJ:QQiCdUUm1uflYjr4G6M8kMWl

Score

N/A

Malware Config

Signatures

Files

014cd29999543ef41ee3b37b9c7307d8e2c782111d0b3c9cb0961e88d04921eb
.exe windows x86

535e4aa2ffb59d84e8b703fbebf7f406

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
SetConsoleTextAttribute
DisconnectNamedPipe
IsBadStringPtrW
SetProcessWorkingSetSize
SetVolumeLabelA
GetPrivateProfileStringW
MultiByteToWideChar
PurgeComm
VirtualProtect
EnumDateFormatsExA
SetupComm
GetSystemWindowsDirectoryA
GetCurrentProcess
GlobalAlloc
GetFullPathNameA
LoadLibraryA
SizeofResource
ReadConsoleW
lstrcpyW
GetThreadSelectorEntry
SetThreadExecutionState
GetDefaultCommConfigW
GetAtomNameA
GetEnvironmentVariableA
BuildCommDCBAndTimeoutsW
GetLastError
GetTickCount
GetPriorityClass
FindNextVolumeW
ProcessIdToSessionId
WTSGetActiveConsoleSessionId
lstrlenA
lstrlenW
IsWow64Process
CompareStringA
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
SetStdHandle
RtlUnwind
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
HeapReAlloc
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
ReadFile
HeapSize
CloseHandle
CreateFileA

advapi32

RegQueryMultipleValuesA

winhttp

WinHttpCloseHandle

Exports

Exports

@dfkvodv@0
@mctraxer@0

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 584KB - Virtual size: 603KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mobumi
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xojetos
Size: 512B - Virtual size: 346B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 559KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

535e4aa2ffb59d84e8b703fbebf7f406

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

winhttp

Exports

Exports

Sections

.text Size: 43KB - Virtual size: 43KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 584KB - Virtual size: 603KB

.tls Size: 512B - Virtual size: 9B

.mobumi Size: 1024B - Virtual size: 1024B

.xojetos Size: 512B - Virtual size: 346B

.rsrc Size: 16KB - Virtual size: 559KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 43KB - Virtual size: 43KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 584KB - Virtual size: 603KB

.tls
Size: 512B - Virtual size: 9B

.mobumi
Size: 1024B - Virtual size: 1024B

.xojetos
Size: 512B - Virtual size: 346B

.rsrc
Size: 16KB - Virtual size: 559KB

.reloc
Size: 5KB - Virtual size: 5KB