643207ee57535fcbce12b96840f5dc28e6aa7243c706c1878841be807c6775c4

Sharing

Copy URL Twitter E-mail

General

Target

643207ee57535fcbce12b96840f5dc28e6aa7243c706c1878841be807c6775c4
Size

266KB
MD5

68af400c3ff23cd308236bce499e3837
SHA1

57543d01680c952a5becf4a7c59cd64006d0e8a6
SHA256

643207ee57535fcbce12b96840f5dc28e6aa7243c706c1878841be807c6775c4
SHA512

90ae45be76db5db323a6551a5d393a66ba4b38e4668c3015993d0c2df66d19301a5b65f3a304f76f09cfe6563aa134220ea675d8681c734acdbd88240a6ebe5c
SSDEEP

3072:clsmlzweZNuvzH3VTcvFv9KZAGJovKjj6G1ylpiRugBYzfg1vaPaaynuSf:sjueruJTcvd9KZAGJoiJy0CzPAu

Score

N/A

Malware Config

Signatures

Files

643207ee57535fcbce12b96840f5dc28e6aa7243c706c1878841be807c6775c4
.exe windows x64

12233d4fc1140d20795cb3ef974326ae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetModuleFileNameW
lstrlenW
GetProcAddress
VirtualAlloc
FindClose
Process32FirstW
LoadLibraryW
CreateToolhelp32Snapshot
CloseHandle
LocalAlloc
WideCharToMultiByte
GetCurrentProcess
Process32NextW
FindFirstFileW
MultiByteToWideChar
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
GetSystemTimeAsFileTime
GetModuleHandleW
ExitProcess
GetCommandLineA
GetCPInfo
RaiseException
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
HeapAlloc
LCMapStringW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
HeapSetInformation
GetVersion
HeapCreate
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
GetACP
GetOEMCP
IsValidCodePage
HeapSize
InitializeCriticalSectionAndSpinCount
FreeLibrary
GetLocaleInfoW
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetStringTypeW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
HeapReAlloc
WriteConsoleW
SetStdHandle
CreateFileW
LoadLibraryA

Sections

.text
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12233d4fc1140d20795cb3ef974326ae

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 143KB - Virtual size: 142KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 8KB - Virtual size: 17KB

.pdata Size: 9KB - Virtual size: 8KB

.rsrc Size: 66KB - Virtual size: 66KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 143KB - Virtual size: 142KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 8KB - Virtual size: 17KB

.pdata
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 66KB - Virtual size: 66KB

.reloc
Size: 2KB - Virtual size: 2KB