34e7475ed59653ed5eb093679c4d5c98a4060ad055f7329123aa3b18f73d7fa3

Sharing

Copy URL

Twitter E-mail

General

Target

34e7475ed59653ed5eb093679c4d5c98a4060ad055f7329123aa3b18f73d7fa3
Size

745KB
MD5

afe3aa9bfb03904fe2037f6555f95085
SHA1

de6825b381987684eb6797eaea5c8ad452190e15
SHA256

34e7475ed59653ed5eb093679c4d5c98a4060ad055f7329123aa3b18f73d7fa3
SHA512

55e14f1221b5c79b936a072c5c460ce7867ad42a1495bf28cdb1f715574ab7e58b79db6a98c5fe39f1e0bb4d68aadd5da57ed6d26e80300112ceaf7609683321
SSDEEP

12288:BVaIeSwSl+JZhAkIZnQ22bLXG1yg0tQGSSKSeD/mum+YQBPsKK+SQOQkOzs:vaIeSwSl+zhHIpygOQGSS6JBPsKaQk6s

Score

N/A

Malware Config

Signatures

Files

34e7475ed59653ed5eb093679c4d5c98a4060ad055f7329123aa3b18f73d7fa3
.exe windows x86

d63e920222aab555f1e4385b502e5927

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

api-ms-win-core-errorhandling-l1-1-0

GetLastError
SetLastError
SetUnhandledExceptionFilter
RaiseException
UnhandledExceptionFilter

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureStackBackTrace
RtlUnwind

api-ms-win-core-processthreads-l1-1-0

ExitProcess
ResumeThread
ExitThread
GetCurrentThread
GetExitCodeThread
GetCurrentThreadId
FlushProcessWriteBuffers
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentProcess
TerminateProcess
SwitchToThread
GetStartupInfoW
GetCurrentProcessId
CreateThread

api-ms-win-core-processthreads-l1-1-1

GetCurrentProcessorNumber
IsProcessorFeaturePresent

api-ms-win-core-threadpool-l1-2-0

CloseThreadpoolTimer
CreateThreadpoolTimer
SetThreadpoolTimer
CloseThreadpoolWork
CloseThreadpoolWait
SubmitThreadpoolWork
SetThreadpoolWait
CreateThreadpoolWait
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
WaitForThreadpoolTimerCallbacks

api-ms-win-core-libraryloader-l1-2-0

LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
FreeLibraryAndExitThread
GetProcAddress
GetModuleHandleExW
FreeLibrary

api-ms-win-core-synch-l1-2-0

InitOnceBeginInitialize
InitOnceComplete
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitOnceExecuteOnce
Sleep
InitializeConditionVariable

api-ms-win-core-localization-l1-2-0

GetLocaleInfoEx
GetLocaleInfoW
EnumSystemLocalesW
GetCPInfo
IsValidLocale
GetUserDefaultLCID
LCMapStringW
IsValidCodePage
GetACP
LCMapStringEx
FormatMessageA
GetOEMCP

api-ms-win-core-synch-l1-1-0

SetEvent
CreateEventExW
EnterCriticalSection
ResetEvent
CreateEventW
WaitForSingleObjectEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionEx
TryEnterCriticalSection
InitializeCriticalSectionAndSpinCount
CreateSemaphoreExW
InitializeSRWLock

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-sysinfo-l1-2-0

GetNativeSystemInfo

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-core-file-l1-1-0

FindFirstFileExW
GetFileSizeEx
CreateFileW
ReadFile
FindClose
SetFilePointerEx
WriteFile
FlushFileBuffers
SetFileInformationByHandle
FindNextFileW
GetFileType

api-ms-win-core-fibers-l1-1-0

FlsFree
FlsGetValue
FlsSetValue
FlsAlloc

api-ms-win-core-sysinfo-l1-1-0

GetTickCount64
GetSystemTimeAsFileTime

api-ms-win-core-file-l2-1-0

GetFileInformationByHandleEx
CreateSymbolicLinkW

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-string-l1-1-0

GetStringTypeW
CompareStringEx
CompareStringW
WideCharToMultiByte
MultiByteToWideChar

user32

PostQuitMessage
DefWindowProcW

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringW

api-ms-win-core-interlocked-l1-1-0

InterlockedPushEntrySList
InitializeSListHead
InterlockedFlushSList

api-ms-win-core-processenvironment-l1-1-0

GetCommandLineA
GetCommandLineW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetEnvironmentStringsW
SetStdHandle
GetStdHandle

api-ms-win-core-console-l1-1-0

GetConsoleMode
WriteConsoleW
GetConsoleOutputCP
SetConsoleCtrlHandler
ReadConsoleW

api-ms-win-core-heap-l1-1-0

HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap

api-ms-win-core-datetime-l1-1-0

GetDateFormatW
GetTimeFormatW

api-ms-win-core-timezone-l1-1-0

GetTimeZoneInformation

Sections

.text
Size: 507KB - Virtual size: 506KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 119KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d63e920222aab555f1e4385b502e5927

Headers

DLL Characteristics

File Characteristics

Imports

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-rtlsupport-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-processthreads-l1-1-1

api-ms-win-core-threadpool-l1-2-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-sysinfo-l1-2-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-file-l1-1-0

api-ms-win-core-fibers-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-file-l2-1-0

api-ms-win-core-util-l1-1-0

api-ms-win-core-heap-l2-1-0

api-ms-win-core-string-l1-1-0

user32

api-ms-win-core-debug-l1-1-0

api-ms-win-core-interlocked-l1-1-0

api-ms-win-core-processenvironment-l1-1-0

api-ms-win-core-console-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-datetime-l1-1-0

api-ms-win-core-timezone-l1-1-0

Sections

.text Size: 507KB - Virtual size: 506KB

.rdata Size: 97KB - Virtual size: 96KB

.data Size: 119KB - Virtual size: 125KB

.reloc Size: 21KB - Virtual size: 21KB

.text
Size: 507KB - Virtual size: 506KB

.rdata
Size: 97KB - Virtual size: 96KB

.data
Size: 119KB - Virtual size: 125KB

.reloc
Size: 21KB - Virtual size: 21KB