805a60e5bb4b101ecd2c2f6227d8dfe99613c59aa1936fbeb5709f06779c0165

Sharing

Copy URL

Twitter E-mail

General

Target

805a60e5bb4b101ecd2c2f6227d8dfe99613c59aa1936fbeb5709f06779c0165
Size

3.8MB
MD5

24c299a8f70b65c9987e6e07adf6df43
SHA1

a9250aa6f18c16945f4456d10403a4fa8979a3ed
SHA256

805a60e5bb4b101ecd2c2f6227d8dfe99613c59aa1936fbeb5709f06779c0165
SHA512

fb603d307e39b5c8f120a65d46cefe9fee3bfb575c45f3d55b8118177de73f8977103fd34b59adb3600fa970823d64d03bfbccaa314ccee89173be05a776e09b
SSDEEP

98304:P55TtUT/ALWH/Nz6RQFdRpBq67+UaxoDWZri0cRSa3U8a/o/:PHTt4dqQFekaxoDWZridSa3U8a/

Score

N/A

Malware Config

Signatures

Files

805a60e5bb4b101ecd2c2f6227d8dfe99613c59aa1936fbeb5709f06779c0165
.exe windows x86

5fd35b909988cae81cd44f38a2860156

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushViewOfFile
SetMailslotInfo
GetNumaAvailableMemoryNode
SetProcessAffinityMask
SetNamedPipeHandleState
RtlCaptureStackBackTrace
SetVolumeMountPointW
DeleteVolumeMountPointW
GetVolumeNameForVolumeMountPointA
FindFirstFileExA
IsDBCSLeadByteEx
LoadResource
LocalAlloc
GetProcAddress
LoadLibraryW
SetEnvironmentVariableW
ScrollConsoleScreenBufferA
FindFirstVolumeMountPointA
IsWow64Process
GetLastError
RaiseException
RtlUnwind
GetCommandLineW
HeapSetInformation
GetStartupInfoW
HeapAlloc
HeapFree
IsProcessorFeaturePresent
EncodePointer
DecodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetCurrentThreadId
InterlockedDecrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
CloseHandle
CreateFileA
MultiByteToWideChar
HeapReAlloc
WideCharToMultiByte
LCMapStringW
GetStringTypeW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetStdHandle
SetFilePointer
SetEndOfFile
GetProcessHeap
ReadFile
WriteConsoleW
CreateFileW

user32

GetClipCursor
GetCursor

Exports

Exports

@altate@0
@plusTokenAfter@4

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.7MB - Virtual size: 7.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5fd35b909988cae81cd44f38a2860156

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 59KB - Virtual size: 59KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 3.7MB - Virtual size: 7.7MB

.rsrc Size: 98KB - Virtual size: 98KB

.text
Size: 59KB - Virtual size: 59KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 3.7MB - Virtual size: 7.7MB

.rsrc
Size: 98KB - Virtual size: 98KB