62565cdb46be8902aba85da02d0bc34aeb72c838efa32f037c28403e43a354f2

Sharing

Copy URL Twitter E-mail

General

Target

62565cdb46be8902aba85da02d0bc34aeb72c838efa32f037c28403e43a354f2
Size

865KB
MD5

446a430a3023d4581e0ef8d08fc859d0
SHA1

c50b062e2537379dfb272560c2220ca4ce1790e3
SHA256

62565cdb46be8902aba85da02d0bc34aeb72c838efa32f037c28403e43a354f2
SHA512

368f29993a12cf55bc36d959e2e596093d750682d5167daa3bb6e3a8559c15d619b67946429590f004aa43c811c050ac8950cf2ad37d480f754dc4df751527b0
SSDEEP

24576:c3lGf1r0uSutGim8DNP6ybJGh52s+ZHGOKbUUhpw:cVsGi5pP6ybJGh4s2gU8

Score

N/A

Malware Config

Signatures

Files

62565cdb46be8902aba85da02d0bc34aeb72c838efa32f037c28403e43a354f2
.exe windows x64

f1139e1912da28cb5f5f511c9620c725

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntdll

strncpy
memcmp
__chkstk
strcmp
wcslen
memset
memcpy
strncmp
strlen
strcpy
strcat
strstr
strrchr

kernel32

MultiByteToWideChar
QueryPerformanceCounter
Beep
GetCurrentProcess
VirtualAlloc
VirtualProtect
GetModuleHandleA
GetProcAddress
LoadLibraryA
GetCurrentProcessId
LeaveCriticalSection
TryEnterCriticalSection
CreateFileW
DeviceIoControl
GetSystemDirectoryA
EnterCriticalSection
ExitThread
DuplicateHandle
SetLastError
SetEvent
ResetEvent
CreateEventW
TerminateProcess
GetCurrentThread
GetTickCount64
VirtualQuery
CreateDirectoryW
CreateFileA
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
GetFileAttributesW
GetFileSizeEx
ReadFile
WriteFile
OutputDebugStringW
HeapAlloc
HeapFree
GetProcessHeap
SetThreadPriority
CreateProcessA
GetSystemTime
FreeLibrary
LoadLibraryExA
GlobalAlloc
GlobalUnlock
GlobalLock
FormatMessageA
SystemTimeToTzSpecificLocalTime
CreateToolhelp32Snapshot
Process32First
Process32Next
QueryPerformanceFrequency
InitializeCriticalSection
ReleaseMutex
CreateMutexA
SetPriorityClass
GetSystemInfo
QueryFullProcessImageNameW
GetUserPreferredUILanguages
CreateThread
Sleep
WaitForSingleObject
GetLastError
CloseHandle
OpenProcess

user32

DispatchMessageA
PeekMessageA
DefWindowProcA
RegisterClassExA
CreateWindowExA
DestroyWindow
SetWindowPos
FillRect
LoadCursorA
IsWindow
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
SendInput
MapVirtualKeyA
InvalidateRect
SetWindowLongPtrA
FindWindowW
GetWindowInfo
GetForegroundWindow
GetCursorPos
ReleaseDC
GetDC
SetForegroundWindow
TranslateMessage

gdi32

CreateCompatibleBitmap
GetDeviceCaps
MoveToEx
StretchDIBits
SetBkColor
Rectangle
LineTo
CreateSolidBrush
CreatePen
CreateFontA
BitBlt
TextOutW
SetTextColor
SetBkMode
CreateCompatibleDC
DeleteObject
SelectObject

Sections

.text
Size: 403KB - Virtual size: 403KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 195KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1139e1912da28cb5f5f511c9620c725

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

kernel32

user32

gdi32

Sections

.text Size: 403KB - Virtual size: 403KB

.rdata Size: 232KB - Virtual size: 231KB

.data Size: 28KB - Virtual size: 49KB

.pdata Size: 5KB - Virtual size: 5KB

.rsrc Size: 195KB - Virtual size: 194KB

.reloc Size: 512B - Virtual size: 64B

.text
Size: 403KB - Virtual size: 403KB

.rdata
Size: 232KB - Virtual size: 231KB

.data
Size: 28KB - Virtual size: 49KB

.pdata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 195KB - Virtual size: 194KB

.reloc
Size: 512B - Virtual size: 64B