1269399667ab00025edf1869d1b9c08c314c6bff346b710cedf29bfc87d3d9e8

Sharing

Copy URL

Twitter E-mail

General

Target

1269399667ab00025edf1869d1b9c08c314c6bff346b710cedf29bfc87d3d9e8
Size

3.8MB
MD5

8fb84447f0e6d3f9bee0e4c187cd88a7
SHA1

802e1300a0563b1b87e079e0ae90266ec69b5591
SHA256

1269399667ab00025edf1869d1b9c08c314c6bff346b710cedf29bfc87d3d9e8
SHA512

66853b67011967fbd05d2f96e3ca94ac467be113673e18cbcfda91e853dc19b10ef05436cca69a997d725b254bbd9e086fc1ff09ba76fadc3dee9e52144bd8eb
SSDEEP

98304:ILhlltFjRLbQ5Ph890+J3NDFSUfygkOlaaesJBCuHEP4uOi:ylhLbQledJ3ZFLfyOlaa5BCIE

Score

N/A

Malware Config

Signatures

Files

1269399667ab00025edf1869d1b9c08c314c6bff346b710cedf29bfc87d3d9e8
.exe windows x86

0f984234a33f920e187a97d613900a90

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CommConfigDialogA
HeapAlloc
SetEnvironmentVariableW
FlushViewOfFile
GetCommConfig
GetPrivateProfileStringW
GetMailslotInfo
GetCompressedFileSizeA
lstrcatA
GetOverlappedResult
GetVolumePathNameA
GetProcAddress
GetNumaHighestNodeNumber
LoadLibraryA
LocalAlloc
IsWow64Process
BuildCommDCBAndTimeoutsW
SetNamedPipeHandleState
WaitForMultipleObjects
FindFirstVolumeMountPointA
GetProcessAffinityMask
CreateMailslotA
GetConsoleCursorInfo
ScrollConsoleScreenBufferA
GetVolumeNameForVolumeMountPointW
WriteConsoleW
CreateFileW
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
RaiseException
RtlUnwind
GetLastError
ExitProcess
GetModuleHandleExW
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
HeapSize
EnterCriticalSection
LeaveCriticalSection
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
ReadFile
SetFilePointerEx
CloseHandle
GetCurrentThreadId
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetModuleFileNameA
WriteFile
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
HeapReAlloc
LCMapStringW
GetConsoleMode
ReadConsoleW
SetStdHandle
FlushFileBuffers
GetConsoleCP
OutputDebugStringW
GetStringTypeW
SetEndOfFile

user32

GetClipCursor

Exports

Exports

@plusTokenAfter@4
@yurii@4

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f984234a33f920e187a97d613900a90

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 68KB

.rdata Size: 3.7MB - Virtual size: 3.7MB

.data Size: 25KB - Virtual size: 78KB

.rsrc Size: 81KB - Virtual size: 3.2MB

.text
Size: 68KB - Virtual size: 68KB

.rdata
Size: 3.7MB - Virtual size: 3.7MB

.data
Size: 25KB - Virtual size: 78KB

.rsrc
Size: 81KB - Virtual size: 3.2MB