398f65b46922e4a5a21ae7372fdf320ec5183f6f72da5f754db173807693fba5

Sharing

Copy URL

Twitter E-mail

General

Target

398f65b46922e4a5a21ae7372fdf320ec5183f6f72da5f754db173807693fba5
Size

4.3MB
MD5

23e940efe55576aeea02f54992c58d09
SHA1

7620ba8933e3cf83e757ae042f2adfb980174c8e
SHA256

398f65b46922e4a5a21ae7372fdf320ec5183f6f72da5f754db173807693fba5
SHA512

4b8c70dfc87a7d0f429ef6bd21ec669d30cedd02e701b19e094afb4c6d913a2d2a71ba6adc41e702cec219814d00a981ae5e33447be055878a2ff4c99a769ae3
SSDEEP

98304:nCBL0ZGknFxCy1834O/Sf8QdI58ERNow9/uIsZI5K9aT:nQL0BFxX184O/aKRN9xloc

Score

N/A

Malware Config

Signatures

Files

398f65b46922e4a5a21ae7372fdf320ec5183f6f72da5f754db173807693fba5
.exe windows x86

297a1e3bf647d9351e4d737c7848b7a4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameA
SetVolumeLabelA
SetDefaultCommConfigA
CreateMutexW
SetThreadContext
lstrlenA
TlsGetValue
SetLocalTime
GetCPInfo
BuildCommDCBAndTimeoutsA
SetUnhandledExceptionFilter
LoadLibraryExW
GetCommState
InterlockedDecrement
ReadConsoleOutputAttribute
GetProfileSectionA
WaitForSingleObject
CancelWaitableTimer
CallNamedPipeW
LocalFlags
FindNextVolumeMountPointA
WriteFile
SetProcessPriorityBoost
GetPrivateProfileIntA
LoadLibraryW
_hread
SetConsoleMode
HeapValidate
GetCommandLineW
GetBinaryTypeW
GetACP
CreateJobObjectA
GetNamedPipeHandleStateW
GetLargestConsoleWindowSize
GetStdHandle
FreeLibraryAndExitThread
GetLastError
GetCurrentDirectoryW
SetLastError
GetProcAddress
VirtualAlloc
EnterCriticalSection
GetLocalTime
OpenMutexA
LocalAlloc
BeginUpdateResourceA
GetCommMask
AddAtomA
WaitForMultipleObjects
SetEnvironmentVariableA
DebugSetProcessKillOnExit
VirtualProtect
EnumDateFormatsW
DeleteFileW
CommConfigDialogW
lstrcpyA
SetSystemPowerState
GetSystemDefaultLangID
DeleteFileA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
HeapAlloc
GetModuleHandleW
Sleep
ExitProcess
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
LeaveCriticalSection
GetFileType
WideCharToMultiByte
HeapFree
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
DeleteCriticalSection
HeapCreate
VirtualFree
GetModuleFileNameA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
MultiByteToWideChar
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
CloseHandle
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

user32

GetAncestor

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4.2MB - Virtual size: 43.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

297a1e3bf647d9351e4d737c7848b7a4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 38KB - Virtual size: 37KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4.2MB - Virtual size: 43.6MB

.rsrc Size: 21KB - Virtual size: 21KB

.text
Size: 38KB - Virtual size: 37KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4.2MB - Virtual size: 43.6MB

.rsrc
Size: 21KB - Virtual size: 21KB