e65412dc0e051a26ab04669d389af0db9c237e8e7ea03e44e475f1b2dc27e36f

Sharing

Copy URL

Twitter E-mail

General

Target

e65412dc0e051a26ab04669d389af0db9c237e8e7ea03e44e475f1b2dc27e36f
Size

131KB
MD5

5d028bb00e92f5692654094b4222329d
SHA1

eab036078b366b7600d2d6c1df33b0eb4e0326fb
SHA256

e65412dc0e051a26ab04669d389af0db9c237e8e7ea03e44e475f1b2dc27e36f
SHA512

8299573caf4b736b09741c8bc53a0e8dde18a0ad975fd97f5b755b23409695d15d8e5817f3bc7e1a4644b8b8210e8da7332e6d2c85b425c94530583a323936d3
SSDEEP

3072:/9rX0wb+224HyPwx5ubXJWeIVdig7F9hKLaEO8+32:hX0wbdKQubXJWeq3xEO

Score

N/A

Malware Config

Signatures

Files

e65412dc0e051a26ab04669d389af0db9c237e8e7ea03e44e475f1b2dc27e36f
.exe windows x86

987d4e3937db26bd26c10cde731b4b09

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FoldStringA
InterlockedIncrement
SetWaitableTimer
WaitNamedPipeA
BuildCommDCBW
GetSystemTimeAdjustment
ReadConsoleInputA
SearchPathA
EnumResourceTypesW
GetCPInfoExA
ExpandEnvironmentStringsW
GetModuleFileNameA
BeginUpdateResourceW
GetConsoleAliasExesLengthA
WriteConsoleOutputCharacterA
WriteConsoleW
DeleteFileW
LocalAlloc
GetProcAddress
GetModuleHandleW
AddRefActCtx
GetConsoleAliasA
GetSystemWindowsDirectoryW
FindFirstChangeNotificationA
GlobalAddAtomA
WritePrivateProfileStringW
EnumResourceNamesA
SearchPathW
lstrcpynA
FindFirstFileExW
GetVolumeInformationA
GetCurrentDirectoryA
GetConsoleAliasesLengthW
AllocConsole
SetPriorityClass
OpenJobObjectW
_lclose
SetCommMask
GetConsoleTitleW
CreateDirectoryExW
FillConsoleOutputCharacterW
GetCommandLineA
HeapSetInformation
GetStartupInfoW
SetUnhandledExceptionFilter
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
HeapFree
Sleep
RtlUnwind
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapSize
HeapAlloc
HeapReAlloc
IsProcessorFeaturePresent

advapi32

BackupEventLogW
CloseEventLog
DeregisterEventSource
BackupEventLogA
GetNumberOfEventLogRecords
GetEventLogInformation

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 446KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

987d4e3937db26bd26c10cde731b4b09

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 32KB - Virtual size: 32KB

.data Size: 72KB - Virtual size: 446KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 32KB - Virtual size: 32KB

.data
Size: 72KB - Virtual size: 446KB

.rsrc
Size: 25KB - Virtual size: 25KB