9a58ad97663b9b902e1c4b99a5184e1ae4ec7c4ef13f2ca9499354c36be3e449

Sharing

Copy URL

Twitter E-mail

General

Target

9a58ad97663b9b902e1c4b99a5184e1ae4ec7c4ef13f2ca9499354c36be3e449
Size

745KB
MD5

bfcfa870a9098c3f3bda4d22e2bd0197
SHA1

107851fae7cba87513356559d88446ba3e2d6a8e
SHA256

9a58ad97663b9b902e1c4b99a5184e1ae4ec7c4ef13f2ca9499354c36be3e449
SHA512

0c77be51bc4bbd12d35d7888323941de7a9153f4db0e9fd689ed6e11e207e2297f879fc47540ba349fcb123d43d1ed44ebdd3d0c1c172c847c228f88af47656a
SSDEEP

12288:Y29+qgidm53gzghnQ22bLXG1yg0toW6q6qGLX+uu+RWMBP2giqZ:Y29+qgidm14gxygOoW6q6ZBP2gic

Score

N/A

Malware Config

Signatures

Files

9a58ad97663b9b902e1c4b99a5184e1ae4ec7c4ef13f2ca9499354c36be3e449
.exe windows x86

d63e920222aab555f1e4385b502e5927

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

api-ms-win-core-errorhandling-l1-1-0

GetLastError
SetLastError
SetUnhandledExceptionFilter
RaiseException
UnhandledExceptionFilter

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureStackBackTrace
RtlUnwind

api-ms-win-core-processthreads-l1-1-0

ExitProcess
ResumeThread
ExitThread
GetCurrentThread
GetExitCodeThread
GetCurrentThreadId
FlushProcessWriteBuffers
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentProcess
TerminateProcess
SwitchToThread
GetStartupInfoW
GetCurrentProcessId
CreateThread

api-ms-win-core-processthreads-l1-1-1

GetCurrentProcessorNumber
IsProcessorFeaturePresent

api-ms-win-core-threadpool-l1-2-0

CloseThreadpoolTimer
CreateThreadpoolTimer
SetThreadpoolTimer
CloseThreadpoolWork
CloseThreadpoolWait
SubmitThreadpoolWork
SetThreadpoolWait
CreateThreadpoolWait
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
WaitForThreadpoolTimerCallbacks

api-ms-win-core-libraryloader-l1-2-0

LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
FreeLibraryAndExitThread
GetProcAddress
GetModuleHandleExW
FreeLibrary

api-ms-win-core-synch-l1-2-0

InitOnceBeginInitialize
InitOnceComplete
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitOnceExecuteOnce
Sleep
InitializeConditionVariable

api-ms-win-core-localization-l1-2-0

GetLocaleInfoEx
GetLocaleInfoW
EnumSystemLocalesW
GetCPInfo
IsValidLocale
GetUserDefaultLCID
LCMapStringW
IsValidCodePage
GetACP
LCMapStringEx
FormatMessageA
GetOEMCP

api-ms-win-core-synch-l1-1-0

SetEvent
CreateEventExW
EnterCriticalSection
ResetEvent
CreateEventW
WaitForSingleObjectEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionEx
TryEnterCriticalSection
InitializeCriticalSectionAndSpinCount
CreateSemaphoreExW
InitializeSRWLock

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-sysinfo-l1-2-0

GetNativeSystemInfo

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-core-file-l1-1-0

FindFirstFileExW
GetFileSizeEx
CreateFileW
ReadFile
FindClose
SetFilePointerEx
WriteFile
FlushFileBuffers
SetFileInformationByHandle
FindNextFileW
GetFileType

api-ms-win-core-fibers-l1-1-0

FlsFree
FlsGetValue
FlsSetValue
FlsAlloc

api-ms-win-core-sysinfo-l1-1-0

GetTickCount64
GetSystemTimeAsFileTime

api-ms-win-core-file-l2-1-0

GetFileInformationByHandleEx
CreateSymbolicLinkW

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-string-l1-1-0

GetStringTypeW
CompareStringEx
CompareStringW
WideCharToMultiByte
MultiByteToWideChar

user32

PostQuitMessage
DefWindowProcW

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringW

api-ms-win-core-interlocked-l1-1-0

InterlockedPushEntrySList
InitializeSListHead
InterlockedFlushSList

api-ms-win-core-processenvironment-l1-1-0

GetCommandLineA
GetCommandLineW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetEnvironmentStringsW
SetStdHandle
GetStdHandle

api-ms-win-core-console-l1-1-0

GetConsoleMode
WriteConsoleW
GetConsoleOutputCP
SetConsoleCtrlHandler
ReadConsoleW

api-ms-win-core-heap-l1-1-0

HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap

api-ms-win-core-datetime-l1-1-0

GetDateFormatW
GetTimeFormatW

api-ms-win-core-timezone-l1-1-0

GetTimeZoneInformation

Sections

.text
Size: 507KB - Virtual size: 506KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 119KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d63e920222aab555f1e4385b502e5927

Headers

DLL Characteristics

File Characteristics

Imports

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-rtlsupport-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-processthreads-l1-1-1

api-ms-win-core-threadpool-l1-2-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-sysinfo-l1-2-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-file-l1-1-0

api-ms-win-core-fibers-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-file-l2-1-0

api-ms-win-core-util-l1-1-0

api-ms-win-core-heap-l2-1-0

api-ms-win-core-string-l1-1-0

user32

api-ms-win-core-debug-l1-1-0

api-ms-win-core-interlocked-l1-1-0

api-ms-win-core-processenvironment-l1-1-0

api-ms-win-core-console-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-datetime-l1-1-0

api-ms-win-core-timezone-l1-1-0

Sections

.text Size: 507KB - Virtual size: 506KB

.rdata Size: 97KB - Virtual size: 96KB

.data Size: 119KB - Virtual size: 125KB

.reloc Size: 21KB - Virtual size: 21KB

.text
Size: 507KB - Virtual size: 506KB

.rdata
Size: 97KB - Virtual size: 96KB

.data
Size: 119KB - Virtual size: 125KB

.reloc
Size: 21KB - Virtual size: 21KB