era5ne6[.]rar | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

era5ne6.rar
Size

373KB
MD5

c379b0ae73d8763711c50f57607979fe
SHA1

2affa7b64aa34b84172bbdcd8c5a09f340e6a328
SHA256

ace691c336e0c9a311681ccd4768d52feacc30e13e667ee577a590bff837caa9
SHA512

6790ecd81dd943fdde0f9c03348a8c8f3d0f1a936c89ad3863def66848dc4de58af71d66e6da4a0d54d394d1182897e1c9eb66d64f159886adec3e1d34476e2b
SSDEEP

6144:QazDDMR7/G47LrVk7gGKLtfV55dgUjPdU1eSWbj8:QiAR7/GkOnkttndU1el8

Score

N/A

Malware Config

Signatures

Files

era5ne6.rar
.dll windows x86

5383492b5e907d0dc6a11002282063a4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
CreateFileW
GetVolumeInformationW
GetSystemTime
OpenProcess
GetVersionExW
GetModuleHandleW
GetDateFormatW
LockResource
VirtualProtect
Sleep
GetCurrentDirectoryW
FindFirstChangeNotificationW
VirtualProtectEx
CompareStringW
CompareStringA
GetProcessHeap
SetEndOfFile
HeapSize
LoadLibraryA
CreateFileA
FlushFileBuffers
GetTimeFormatA
GetDateFormatA
HeapAlloc
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetLastError
HeapFree
WideCharToMultiByte
GetTimeZoneInformation
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
WriteFile
GetConsoleCP
GetConsoleMode
CloseHandle
RtlUnwind
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
HeapDestroy
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
ReadFile
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
SetEnvironmentVariableA

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

tapi32

lineAccept
lineClose
lineOpenW
lineTranslateAddressW
lineShutdown
lineInitializeExW
lineTranslateDialogW

Exports

Exports

Cutmass
Middlewall

Sections

.text
Size: 333KB - Virtual size: 332KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5383492b5e907d0dc6a11002282063a4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

version

tapi32

Exports

Exports

Sections

.text Size: 333KB - Virtual size: 332KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 5KB - Virtual size: 372KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 333KB - Virtual size: 332KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 5KB - Virtual size: 372KB

.reloc
Size: 8KB - Virtual size: 7KB