e1c49abde1745e01d512724a76d7daeb220f2cd58564d1dd65d44fbf7581ddb7

Sharing

Copy URL Twitter E-mail

General

Target

e1c49abde1745e01d512724a76d7daeb220f2cd58564d1dd65d44fbf7581ddb7
Size

314KB
MD5

7781fc509e218a871c347bed698ad765
SHA1

5a5dde4b034e6f7fd7e90685cd7d2624a0de7f7e
SHA256

e1c49abde1745e01d512724a76d7daeb220f2cd58564d1dd65d44fbf7581ddb7
SHA512

d037572f254397c18df792f5de1b19e69fc976d3c02c3f440470cc5dba0b12f535851533f0fe5ad53706259c6e7580d20d5edf635b185b04b25561138698909c
SSDEEP

6144:S1q1YBVNeURZDZT5oT2AXot8QbEwjoNCBSxSahrxu0Xe:4yYBLeURZDZ9o/Y172mmJB

Score

N/A

Malware Config

Signatures

Files

e1c49abde1745e01d512724a76d7daeb220f2cd58564d1dd65d44fbf7581ddb7
.exe windows x86

bbb3798043b002e6c8a56e5635f66455

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
CreateProcessA
CloseHandle
GetStartupInfoA
DeleteFileA
GetTickCount
GetLocalTime
GetFileTime
GetDiskFreeSpaceA
GetTimeFormatA
LoadLibraryA
ExitProcess
GetCurrentProcessId
GetModuleFileNameA
FindClose
FindNextFileA
FindFirstFileA
TlsSetValue
TlsAlloc
IsProcessorFeaturePresent
VirtualProtect
GetSystemInfo
GetSystemTimeAsFileTime
SetFileAttributesA
GetLastError
GetFileAttributesA
DuplicateHandle
GetCurrentProcess
GetTimeFormatW
GetDateFormatW
GetCommandLineA
HeapSetInformation
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
WideCharToMultiByte
GetTimeZoneInformation
SetStdHandle
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetFileType
SetHandleCount
GetStdHandle
DeleteCriticalSection
CreateFileA
CreateFileW
TlsGetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
GetProcAddress
HeapFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
MultiByteToWideChar
WriteFile
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
FatalAppExitA
RtlUnwind
GetConsoleCP
GetConsoleMode
SetFilePointer
SetEndOfFile
GetProcessHeap
ReadFile
InterlockedExchange
HeapReAlloc
LCMapStringW
GetStringTypeW
SetConsoleCtrlHandler
FreeLibrary
LoadLibraryW
GetLocaleInfoW
WriteConsoleW
HeapSize
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
CompareStringW
SetEnvironmentVariableA
LocalAlloc
LocalFree
RaiseException

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbb3798043b002e6c8a56e5635f66455

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 120KB - Virtual size: 120KB

.rdata Size: 87KB - Virtual size: 86KB

.data Size: 100KB - Virtual size: 152KB

.rsrc Size: 1024B - Virtual size: 768B

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 120KB - Virtual size: 120KB

.rdata
Size: 87KB - Virtual size: 86KB

.data
Size: 100KB - Virtual size: 152KB

.rsrc
Size: 1024B - Virtual size: 768B

.reloc
Size: 5KB - Virtual size: 4KB