a5475e952fc5f2b07f3ccae4f5b43f0d6337987aaa010d70dbc30613f37da522

Sharing

Copy URL

Twitter E-mail

General

Target

a5475e952fc5f2b07f3ccae4f5b43f0d6337987aaa010d70dbc30613f37da522
Size

213KB
MD5

fef73a69abfb74d9b9b14be73d561272
SHA1

bed43d4c24cc1fd1937f5d366e192f80fe325b98
SHA256

a5475e952fc5f2b07f3ccae4f5b43f0d6337987aaa010d70dbc30613f37da522
SHA512

1e32471fcacb2c6d11cdf90a793a2bbfd245c0e60364124e1b148993499519316afc9039d2a9f0cfffaba606a0e206d0e404ad51768bc531c576e21662316409
SSDEEP

6144:rFLf3tkMvQYRkROzWtNsbUnBR0OqRkHx:ZrtkMYquOzkNxRxqmHx

Score

N/A

Malware Config

Signatures

Files

a5475e952fc5f2b07f3ccae4f5b43f0d6337987aaa010d70dbc30613f37da522
.exe windows x86

79b09897076db99b271d88a44f41c588

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
GlobalAlloc
GetPrivateProfileStructW
GetSystemTimeAdjustment
TransactNamedPipe
IsProcessorFeaturePresent
GetBinaryTypeA
GetMailslotInfo
GetTimeZoneInformation
GetOverlappedResult
ExitThread
lstrlenW
SetConsoleTitleA
VirtualUnlock
SetThreadLocale
GetCPInfoExW
FreeLibraryAndExitThread
SetLastError
VirtualAlloc
GetComputerNameExW
BuildCommDCBW
GetVolumePathNameW
GetDiskFreeSpaceW
LocalAlloc
GlobalMemoryStatusEx
GetProfileStringA
GetCommMask
FindFirstVolumeMountPointA
lstrcatW
CancelTimerQueueTimer
FatalExit
EnumResourceNamesA
GetPrivateProfileSectionA
CreateMailslotA
VirtualProtect
CompareStringA
OutputDebugStringA
GetDiskFreeSpaceExW
ReadConsoleInputW
TerminateJobObject
EnumResourceLanguagesW
FindNextVolumeA
EnumResourceTypesA
GetDateFormatA
GetWindowsDirectoryA
FormatMessageA
GetConsoleAliasesLengthA
SetTapeParameters
_lcreat
BackupSeek
GlobalSize
SetConsoleActiveScreenBuffer
GetCommState
MoveFileExW
DeleteVolumeMountPointA
WriteConsoleOutputCharacterA
GetLocaleInfoA
GetNativeSystemInfo
FindFirstFileW
UnregisterWait
RemoveVectoredExceptionHandler
SetDefaultCommConfigA
HeapReAlloc
GlobalFree
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
GetLastError
InterlockedDecrement
GetCurrentThread
HeapCreate
HeapDestroy
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FatalAppExitA
CloseHandle
CreateFileA
InitializeCriticalSectionAndSpinCount
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
WideCharToMultiByte
GetConsoleMode
FlushFileBuffers
SetStdHandle
SetFilePointer
SetEndOfFile
GetProcessHeap
MultiByteToWideChar
ReadFile
HeapSize
GetLocaleInfoW
GetTimeFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA

advapi32

ControlService
SetPrivateObjectSecurity
AdjustTokenPrivileges
OpenEventLogA
RegNotifyChangeKeyValue
InitializeSid
SetKernelObjectSecurity
RegQueryInfoKeyA
RegOpenKeyExA
RegQueryValueW
AreAllAccessesGranted
SetTokenInformation
RegSetValueExA
GetTokenInformation
OpenServiceW
LogonUserW
OpenThreadToken
ObjectOpenAuditAlarmA
GetSidSubAuthority
CloseServiceHandle
LookupPrivilegeNameW

Exports

Exports

_MyFunc124@4

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cavix
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gedap
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vaduken
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79b09897076db99b271d88a44f41c588

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 158KB - Virtual size: 157KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 12KB

.cavix Size: 1024B - Virtual size: 1024B

.gedap Size: 1024B - Virtual size: 1024B

.vaduken Size: 1KB - Virtual size: 5KB

.rsrc Size: 28KB - Virtual size: 28KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 158KB - Virtual size: 157KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 12KB

.cavix
Size: 1024B - Virtual size: 1024B

.gedap
Size: 1024B - Virtual size: 1024B

.vaduken
Size: 1KB - Virtual size: 5KB

.rsrc
Size: 28KB - Virtual size: 28KB

.reloc
Size: 4KB - Virtual size: 4KB