a5a77a06940cb5c8933934b8c9e4ac27[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

a5a77a06940cb5c8933934b8c9e4ac27.exe
Size

364KB
MD5

a5a77a06940cb5c8933934b8c9e4ac27
SHA1

a4d0bebefcbef7b718acd9f2e69a9b7767213a51
SHA256

7626e47624b6d66f33395c1c0febb9d8f2c8eb9197ad4eda6c61f86f8660b7b8
SHA512

dcaaabc990fd6f971810887a27cd7204bf5cc3cd16e7f4ac0712e41a277051980a079f4b9ea181d1d4509aa56b6b74d454ad2877b50e67029080adb79e7a5aad
SSDEEP

6144:jbNMjAR8uXkkl1dwZoM+zZKRotI2XOyMS0OlPMF5OThZqn:3NRrXkCwZoMzitLO7fAZ

Score

N/A

Malware Config

Signatures

Files

a5a77a06940cb5c8933934b8c9e4ac27.exe
.exe windows x86

18d6edbf6cd270b11d781857738bea6a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VerifyVersionInfoW
WriteConsoleInputA
EnumDateFormatsW
CopyFileExW
DnsHostnameToComputerNameW
FindNextFileW
ReadConsoleOutputCharacterW
SetConsoleActiveScreenBuffer
LockFile
GetProfileSectionW
QueryDosDeviceW
RequestWakeupLatency
GetProcessPriorityBoost
GetDriveTypeW
GlobalGetAtomNameA
DeleteFileW
FindNextVolumeMountPointW
TlsSetValue
SizeofResource
WriteConsoleInputW
GetConsoleTitleW
GetComputerNameExW
OpenEventA
CallNamedPipeA
GetModuleHandleA
GetSystemDirectoryA
GetDriveTypeA
BuildCommDCBAndTimeoutsA
GetProcAddress
GetShortPathNameA
DeleteFileA
GetCommandLineW
InterlockedIncrement
InterlockedExchange
CopyFileW
CreateActCtxW
FormatMessageA
GetModuleHandleW
EnterCriticalSection
FindNextVolumeA
CreateIoCompletionPort
LoadLibraryA
CreateNamedPipeA
GetSystemDefaultLangID
GetConsoleAliasesLengthA
WriteProfileSectionW
AddAtomW
InterlockedDecrement
HeapFree
_hread
InterlockedCompareExchange
GetStartupInfoW
CreateMailslotW
GetCPInfoExW
GetSystemWow64DirectoryW
GetLastError
GetPrivateProfileIntW
GetConsoleAliasExesLengthW
WaitForDebugEvent
SetLastError
VerifyVersionInfoA
GetDefaultCommConfigA
VirtualAlloc
GetACP
lstrcatW
GetConsoleAliasA
GetDiskFreeSpaceExA
TerminateProcess
EnumResourceLanguagesA
SetConsoleTextAttribute
GlobalGetAtomNameW
CreateJobSet
MoveFileW
GetComputerNameW
EnumSystemLocalesA
WritePrivateProfileSectionW
WritePrivateProfileStructA
GetPrivateProfileSectionNamesW
GetFileAttributesW
FileTimeToSystemTime
SetTapeParameters
lstrcmpW
SetEvent
MoveFileA
CreateMutexW
FindResourceA
GetCommState
CreateFiber
GetConsoleFontSize
LocalAlloc
SetFileShortNameA
lstrcpyW
HeapLock
GetFileAttributesA
SetCalendarInfoW
GetSystemWindowsDirectoryW
SetComputerNameA
GetConsoleAliasesW
EnumDateFormatsExW
GetPrivateProfileStructW
LocalFlags
OpenWaitableTimerA
EnumResourceNamesW
CreateFileMappingA
SetProcessShutdownParameters
lstrcpynW
GetFullPathNameA
WriteConsoleW
FreeUserPhysicalPages
WriteConsoleOutputCharacterW
OpenJobObjectW
CreateFileA
SetCurrentDirectoryA
GlobalWire
GetFileInformationByHandle
CommConfigDialogW
CloseHandle
LoadLibraryW
LocalFree
Sleep
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
RaiseException
RtlUnwind
WideCharToMultiByte
GetCommandLineA
GetStartupInfoA
HeapValidate
IsBadReadPtr
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleFileNameW
GetCurrentProcess
IsDebuggerPresent
TlsGetValue
TlsAlloc
GetCurrentThreadId
TlsFree
GetOEMCP
GetCPInfo
IsValidCodePage
SetFilePointer
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
WriteFile
HeapAlloc
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleCP
GetConsoleMode
DebugBreak
OutputDebugStringA
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP

user32

CharToOemBuffW
CharUpperW
GetMessageTime
LoadMenuW

advapi32

InitiateSystemShutdownW

Sections

.text
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bifil
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zowi
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gegu
Size: 512B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18d6edbf6cd270b11d781857738bea6a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 198KB - Virtual size: 198KB

.data Size: 134KB - Virtual size: 170KB

.bifil Size: 1024B - Virtual size: 1024B

.zowi Size: 1024B - Virtual size: 1024B

.gegu Size: 512B - Virtual size: 150B

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 198KB - Virtual size: 198KB

.data
Size: 134KB - Virtual size: 170KB

.bifil
Size: 1024B - Virtual size: 1024B

.zowi
Size: 1024B - Virtual size: 1024B

.gegu
Size: 512B - Virtual size: 150B

.rsrc
Size: 28KB - Virtual size: 27KB