90ee20a62bdeebc3dd489ed275e9b8da56638bf19e44bed8c43e7e4bc9e12f97

Sharing

Copy URL

Twitter E-mail

General

Target

90ee20a62bdeebc3dd489ed275e9b8da56638bf19e44bed8c43e7e4bc9e12f97
Size

2.6MB
MD5

95e5ade6dc73995c3aead518331fc6d1
SHA1

99f3f68704a6c2c5e5cdda3eeff3122fc78a2ae4
SHA256

90ee20a62bdeebc3dd489ed275e9b8da56638bf19e44bed8c43e7e4bc9e12f97
SHA512

8d56b8152740684f508629b644cc133a99e84e24cafa00b1a81ab91f6cbcba587022cca3323ce7739b65284c38c534822b974ab0330ab50d9a682b509e5942e3
SSDEEP

49152:BwS9K0SiUWqUQU9lXkoVhUXbNJTaschaQT7IgUjDKJ4hH2uxoIjuOg1ggY:v9KP+QUtLhaBQschfqjDe6xoB

Score

N/A

Malware Config

Signatures

Files

90ee20a62bdeebc3dd489ed275e9b8da56638bf19e44bed8c43e7e4bc9e12f97
.exe windows x86

88b7429cae1de781da5a89247f66a0fb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
GetProcessPriorityBoost
GetLastError
GetOverlappedResult
CreateIoCompletionPort
SetupComm
PurgeComm
SetCommBreak
GetTickCount
CreateMailslotA
FlushViewOfFile
UnmapViewOfFile
lstrcpyA
lstrcatA
_lcreat
_lwrite
GetModuleHandleA
FatalAppExitA
EnumResourceLanguagesA
HeapAlloc
GetPrivateProfileStringW
SetPriorityClass
IsBadReadPtr
BuildCommDCBAndTimeoutsA
CommConfigDialogW
GetSystemPowerStatus
SetSystemPowerState
GetVolumeNameForVolumeMountPointA
GetVolumePathNameW
ProcessIdToSessionId
WTSGetActiveConsoleSessionId
MultiByteToWideChar
WideCharToMultiByte
PeekConsoleInputA
SetConsoleScreenBufferSize
GetConsoleOutputCP
SetConsoleOutputCP
CloseHandle
WriteConsoleW
GlobalAlloc
AddAtomA
GetProcAddress
GetStringTypeW
OutputDebugStringW
EncodePointer
DecodePointer
RaiseException
RtlUnwind
GetCommandLineW
IsProcessorFeaturePresent
HeapFree
ExitProcess
GetModuleHandleExW
HeapSize
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
ReadFile
SetFilePointerEx
SetLastError
GetCurrentThreadId
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
LCMapStringW
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetConsoleMode
SetStdHandle
FlushFileBuffers
GetConsoleCP
CreateFileW

user32

ClientToScreen

advapi32

RegisterEventSourceW
RegQueryValueExA

msimg32

AlphaBlend

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 32.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88b7429cae1de781da5a89247f66a0fb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

msimg32

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 2.5MB - Virtual size: 2.5MB

.data Size: 25KB - Virtual size: 32.3MB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 40KB - Virtual size: 40KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 2.5MB - Virtual size: 2.5MB

.data
Size: 25KB - Virtual size: 32.3MB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 40KB - Virtual size: 40KB