e6cdb2c7f8c1a41ac439a0e5599dd14f1912ef2b58a6b55a8a6596cbf946a943

Sharing

Copy URL Twitter E-mail

General

Target

e6cdb2c7f8c1a41ac439a0e5599dd14f1912ef2b58a6b55a8a6596cbf946a943
Size

898KB
MD5

66c844c0e51c84fd91178e9c483f5c00
SHA1

926a5435b0f682de9b175b6ba4d9db837ad3abd3
SHA256

e6cdb2c7f8c1a41ac439a0e5599dd14f1912ef2b58a6b55a8a6596cbf946a943
SHA512

82a2a72cd05911c25bf05a751f2d981b830cf0a40eef94d5ffec9463a5c52e253c2eb631c952a0831605c8814300cc489bc2e73b4872b09fe76f89c892753fee
SSDEEP

12288:sYTHkT+7WaqS0gOBBB3FJGLmoHVFkZ2n5k+s+eqyshp4uDSqxXvk:snvawg6BB6LvH8Z2n5k+Hfxvk

Score

N/A

Malware Config

Signatures

Files

e6cdb2c7f8c1a41ac439a0e5599dd14f1912ef2b58a6b55a8a6596cbf946a943
.exe windows x64

312fc7fd1e17a4ef9ec25deba51d7921

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetFileType
GetConsoleMode
WriteConsoleW
GetConsoleOutputCP
WideCharToMultiByte
WriteFile
CreateFileW
CloseHandle
DeviceIoControl
FormatMessageW
LocalFree
GetModuleFileNameW
LoadLibraryW
GetProcAddress
FreeLibrary
GetStdHandle
Sleep
SearchPathW
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleW
SetUnhandledExceptionFilter
OutputDebugStringA
GetLastError
QueryDosDeviceW
SetLastError
RtlCompareMemory
UnmapViewOfFile
GetSystemDefaultUILanguage
FindResourceExW
LoadResource
LoadLibraryExW
GetLocaleInfoW
GetVersionExW
CreateFileMappingW
GetUserDefaultUILanguage
MapViewOfFile

msvcrt

_commode
_fmode
__set_app_type
memcpy
memset
memmove
__setusermatherr
?terminate@@YAXXZ
free
calloc
isdigit
mbtowc
__mb_cur_max
isleadbyte
isxdigit
localeconv
_iob
_snprintf
_itoa
wctomb
malloc
ferror
iswctype
wcstombs
realloc
__badioinfo
__pioinfo
_read
_fileno
_lseeki64
_write
_isatty
ungetc
bsearch
wcsncmp
strncmp
wcsstr
wcsrchr
_amsg_exit
_initterm
exit
_cexit
_exit
_XcptFilter
__C_specific_handler
__wgetmainargs
_wcsupr
_wcslwr
_errno
_wsetlocale
towupper
iswspace
_vsnwprintf
wcschr
wcstoul
_wcsnicmp
_wcsicmp
memcmp

ntdll

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
NtClose
NtOpenFile
RtlStringFromGUID
RtlGUIDFromString
RtlDosPathNameToNtPathName_U
RtlInitUnicodeString
RtlFreeUnicodeString
RtlAllocateHeap
RtlFreeHeap
RtlNtStatusToDosError
NtQuerySystemInformation
NtDeviceIoControlFile
NtWaitForSingleObject
NtCreateEvent
NtQueryKey
NtEnumerateKey
NtQueryAttributesFile
NtOpenKey
RtlCreateAcl
NtSaveKey
NtUnloadKey
RtlFreeSid
RtlSetDaclSecurityDescriptor
NtDeleteValueKey
NtLoadKey
NtOpenThreadToken
NtCreateKey
NtCreateFile
RtlLengthSecurityDescriptor
RtlAddAccessAllowedAceEx
NtOpenProcessToken
NtSetSecurityObject
NtQueryValueKey
NtSetValueKey
NtAdjustPrivilegesToken
NtDeleteKey
RtlAllocateAndInitializeSid
RtlLengthSid
RtlCreateSecurityDescriptor
RtlSetOwnerSecurityDescriptor
RtlInitAnsiString
NtOpenSymbolicLinkObject
LdrGetProcedureAddress
NtQuerySymbolicLinkObject
NtQueryInformationFile
LdrGetDllHandle
NtQueryVolumeInformationFile
NtDeleteFile
NtResetEvent
NtAllocateUuids

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

Sections

.text
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 564KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

312fc7fd1e17a4ef9ec25deba51d7921

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ntdll

advapi32

Sections

.text Size: 193KB - Virtual size: 192KB

.data Size: 1KB - Virtual size: 2KB

.pdata Size: 3KB - Virtual size: 3KB

.rsrc Size: 135KB - Virtual size: 135KB

.reloc Size: 564KB - Virtual size: 2.5MB

.text
Size: 193KB - Virtual size: 192KB

.data
Size: 1KB - Virtual size: 2KB

.pdata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 135KB - Virtual size: 135KB

.reloc
Size: 564KB - Virtual size: 2.5MB