14e8e77e419ff3d85e9c88fbf53d84d24d8330fbd82bf4ab89b7ff2779d0d112

Sharing

Copy URL Twitter E-mail

General

Target

14e8e77e419ff3d85e9c88fbf53d84d24d8330fbd82bf4ab89b7ff2779d0d112
Size

471KB
MD5

2dd652ad703becf7c580edf561cec155
SHA1

25eec3ec26db5187968aaedff27d98c698e5ec64
SHA256

14e8e77e419ff3d85e9c88fbf53d84d24d8330fbd82bf4ab89b7ff2779d0d112
SHA512

d0669ff2cdb9b899ad9986f664b3a0aab88b3efa9bffc6df8553ddb64f9db6feef9404c9a4dcf611b7970f5bc78c5ae129a62c695d97e62d6a739eff01dcd383
SSDEEP

6144:umVtjA9X1u1kjIo71pnAtuETnsMZ+aBekhihU4i0emAkp6ShZorLRW+WE+enWi:Z+3jN71h4HTDZ+QeiitizcLZorLR7

Score

N/A

Malware Config

Signatures

Files

14e8e77e419ff3d85e9c88fbf53d84d24d8330fbd82bf4ab89b7ff2779d0d112
.dll windows x64

d40ef14ecac28f632d62aa67486e7391

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mbstowcs
memcpy
_snwprintf
RtlNtStatusToDosError
memmove
strncmp
memcmp
strcmp
_snprintf
memset
StrChrA
StrCmpNA
StrStrIA
PathCombineW
StrStrA
PathFindFileNameW
StrChrW
StrRChrA
StrStrW
CryptUnprotectData
CryptStringToBinaryA
LocalFree
HeapAlloc
HeapFree
SetEvent
Sleep
CreateEventA
HeapDestroy
HeapCreate
GetLastError
GetModuleFileNameA
GetModuleHandleA
CloseHandle
CreateThread
SwitchToThread
FindFirstFileW
lstrlenA
GetCurrentDirectoryW
FindClose
SetCurrentDirectoryW
FindNextFileW
lstrcpyW
WaitForSingleObject
GetVersion
WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcessId
OpenProcess
TerminateProcess
SetLastError
Process32FirstW
Process32NextW
lstrcmpiW
CreateToolhelp32Snapshot
GetFileSize
FreeLibrary
LoadLibraryW
LeaveCriticalSection
GetFileAttributesA
GetFileAttributesW
ReadFile
CreateFileW
GetProcAddress
EnterCriticalSection
LoadLibraryA
GetTempPathA
DeleteFileW
GetVersionExA
lstrlenW
OutputDebugStringA
GetCurrentThreadId
ExpandEnvironmentStringsW
DeleteCriticalSection
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingW
CreateFileMappingA
GetSystemTime
GetDiskFreeSpaceW
LockFileEx
HeapSize
DeleteFileA
AreFileApisANSI
GetTempPathW
FlushFileBuffers
HeapValidate
GetVersionExW
FormatMessageW
InitializeCriticalSection
WriteFile
FormatMessageA
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
GetTickCount
OutputDebugStringW
LockFile
UnlockFile
QueryPerformanceCounter
SystemTimeToFileTime
SetEndOfFile
UnmapViewOfFile
LocalAlloc
GetFullPathNameW
GetFullPathNameA
HeapReAlloc
CreateFileA
CreateMutexW
HeapCompact
SetFilePointer
TryEnterCriticalSection
MapViewOfFile
RegOpenKeyA
RegQueryValueExW
CryptHashData
RegCloseKey
CryptDestroyHash
CryptCreateHash
CryptAcquireContextA
CryptReleaseContext
CryptGetHashParam
CreateStreamOnHGlobal

Exports

Exports

PluginRegisterCallbacks

Sections

.text
Size: 402KB - Virtual size: 401KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss0
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d40ef14ecac28f632d62aa67486e7391

Headers

File Characteristics

Imports

Exports

Exports

Sections

.text Size: 402KB - Virtual size: 401KB

.rdata Size: 43KB - Virtual size: 42KB

.data Size: 8KB - Virtual size: 9KB

.pdata Size: 12KB - Virtual size: 11KB

.bss0 Size: 2KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 402KB - Virtual size: 401KB

.rdata
Size: 43KB - Virtual size: 42KB

.data
Size: 8KB - Virtual size: 9KB

.pdata
Size: 12KB - Virtual size: 11KB

.bss0
Size: 2KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB