0459f638d30290cf4e493d08335b2e462e58a104a2ea87b6ede2dd99a32fa954

Sharing

Copy URL Twitter E-mail

General

Target

0459f638d30290cf4e493d08335b2e462e58a104a2ea87b6ede2dd99a32fa954
Size

253KB
MD5

fe1b55db0b7bf1af98f2431d3bcb7d39
SHA1

180c3200c4584f1ba3c911c5a6379ac2be3da252
SHA256

0459f638d30290cf4e493d08335b2e462e58a104a2ea87b6ede2dd99a32fa954
SHA512

57196ee0ad79004bb478496b7603f55c5a12f1ebea83423ca17da95ec1457a14db064c4ceca4ebf098469f767d360f432e10daeb5583b049623bd82d3708ba4a
SSDEEP

3072:D4mlzweZNuvzH3VTcvFv9KZAGJovKjj6G1ylpiRzB:DXueruJTcvd9KZAGJoiJy0

Score

N/A

Malware Config

Signatures

Files

0459f638d30290cf4e493d08335b2e462e58a104a2ea87b6ede2dd99a32fa954
.exe windows x64

12233d4fc1140d20795cb3ef974326ae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetModuleFileNameW
lstrlenW
GetProcAddress
VirtualAlloc
FindClose
Process32FirstW
LoadLibraryW
CreateToolhelp32Snapshot
CloseHandle
LocalAlloc
WideCharToMultiByte
GetCurrentProcess
Process32NextW
FindFirstFileW
MultiByteToWideChar
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
GetSystemTimeAsFileTime
GetModuleHandleW
ExitProcess
GetCommandLineA
GetCPInfo
RaiseException
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
HeapAlloc
LCMapStringW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
HeapSetInformation
GetVersion
HeapCreate
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
GetACP
GetOEMCP
IsValidCodePage
HeapSize
InitializeCriticalSectionAndSpinCount
FreeLibrary
GetLocaleInfoW
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetStringTypeW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
HeapReAlloc
WriteConsoleW
SetStdHandle
CreateFileW
LoadLibraryA

Sections

.text
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12233d4fc1140d20795cb3ef974326ae

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 143KB - Virtual size: 142KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 8KB - Virtual size: 17KB

.pdata Size: 9KB - Virtual size: 8KB

.rsrc Size: 54KB - Virtual size: 54KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 143KB - Virtual size: 142KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 8KB - Virtual size: 17KB

.pdata
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 54KB - Virtual size: 54KB

.reloc
Size: 2KB - Virtual size: 1KB