c4e30067644d0565788de14c7b876b1ac5e7c87e6aeade5e213964e9ead9d8a2

Sharing

Copy URL Twitter E-mail

General

Target

c4e30067644d0565788de14c7b876b1ac5e7c87e6aeade5e213964e9ead9d8a2
Size

592KB
MD5

fbf585c98faef93f903510a1fec37133
SHA1

fd40d66f572158489ae53bbe35faa94d21e69821
SHA256

c4e30067644d0565788de14c7b876b1ac5e7c87e6aeade5e213964e9ead9d8a2
SHA512

1f094d13ea57f93e5445c8091cd789f6bdfb3a58f13665f36e14c13d396c29bc1ab72e35cf1bfae80f30b3a864a8514b93824cdc00488f477ff348252b1f4c00
SSDEEP

6144:mGuR5re4zvRjFyMVI3DCo3MudRr7ohgRKSXSnKUZs2k:TuR5reevRjFVKMuDnoUgnxs2

Score

N/A

Malware Config

Signatures

Files

c4e30067644d0565788de14c7b876b1ac5e7c87e6aeade5e213964e9ead9d8a2
.exe windows x64

7d8843cedd808ce2391fa27664b93ed7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

RaiseException
GetLastError
InitializeCriticalSectionEx
DeleteCriticalSection
DecodePointer
LocalFree
SetEndOfFile
WriteConsoleW
CreateFileW
ReadConsoleW
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
EncodePointer
LCMapStringEx
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
CreateDirectoryW
GetModuleFileNameW
GetTempPathA
GetFileAttributesA
GetLocalTime
RtlUnwindEx
RtlPcToFileHeader
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetStdHandle
WriteFile
HeapFree
HeapAlloc
GetFileType
HeapSize
HeapReAlloc
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileSizeEx
SetFilePointerEx
CloseHandle
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadFile
FindClose
RtlUnwind

user32

wsprintfA
IsWindow
FindWindowW
PostMessageW

shell32

CommandLineToArgvW
SHGetFolderPathW

ole32

CoInitialize
CoCreateInstance

shlwapi

StrCmpIW

Sections

.text
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d8843cedd808ce2391fa27664b93ed7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

ole32

shlwapi

Sections

.text Size: 193KB - Virtual size: 193KB

.rdata Size: 77KB - Virtual size: 77KB

.data Size: 4KB - Virtual size: 10KB

.pdata Size: 10KB - Virtual size: 9KB

_RDATA Size: 512B - Virtual size: 384B

.rsrc Size: 303KB - Virtual size: 302KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 193KB - Virtual size: 193KB

.rdata
Size: 77KB - Virtual size: 77KB

.data
Size: 4KB - Virtual size: 10KB

.pdata
Size: 10KB - Virtual size: 9KB

_RDATA
Size: 512B - Virtual size: 384B

.rsrc
Size: 303KB - Virtual size: 302KB

.reloc
Size: 2KB - Virtual size: 2KB