cf91fa6c3227a1b916d2c7e29531aa42f391d9657cbb9ab1f728873d0adb552a

Sharing

Copy URL Twitter E-mail

General

Target

cf91fa6c3227a1b916d2c7e29531aa42f391d9657cbb9ab1f728873d0adb552a
Size

96KB
MD5

76f21c0c800dc73a9f7f3609d87eaef0
SHA1

fc8f7128eb4f03514ef1c0dc219b74eff9a0ccb1
SHA256

cf91fa6c3227a1b916d2c7e29531aa42f391d9657cbb9ab1f728873d0adb552a
SHA512

922bead0fedf3853bab702c989105be1321f6face533ab73f47e981dfaf0bba24f2075d83eed7f8ca51d12af088ab3f8b993957ad075391a7a663fc81c112355
SSDEEP

1536:Ks3YMn8KyAy/o27wt/UZ0GH1j+4Mo9CaLEJpyBoSdsUShc8ad53/k7jo/fh+Df5N:KgYUvVy/ji0noJgB1ds5c8adA8H0DxmG

Score

N/A

Malware Config

Signatures

Files

cf91fa6c3227a1b916d2c7e29531aa42f391d9657cbb9ab1f728873d0adb552a
.exe windows x64

9081777ebf1b7ee7afd90034058e8342

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetConsoleMode
FormatMessageW
WriteConsoleW
FileTimeToSystemTime
lstrlenW
GetConsoleOutputCP
GetStdHandle
GetLastError
GetProcAddress
GetLocalTime
GetFileType
HeapSetInformation
CloseHandle
lstrlenA
LoadLibraryW
WideCharToMultiByte
GetSystemDirectoryW
GetTimeFormatW
GetDateFormatW
LocalFree
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleW
SetUnhandledExceptionFilter
Sleep
SystemTimeToTzSpecificLocalTime
FreeLibrary
MultiByteToWideChar

msvcrt

_lock
memcpy
__dllonexit
_unlock
?terminate@@YAXXZ
__set_app_type
_fmode
_commode
__setusermatherr
_amsg_exit
_initterm
exit
_cexit
_exit
_XcptFilter
_onexit
__wgetmainargs
??2@YAPEAX_K@Z
_wsetlocale
time
_iob
??3@YAXPEAX@Z
_vsnwprintf
printf
wcsrchr
wprintf
_errno
fflush
wcstoul
localtime
_tzset
free
malloc
??1type_info@@UEAA@XZ
memmove
_wspawnl
_CxxThrowException
__C_specific_handler
memset
_wcsicmp
wcschr
__CxxFrameHandler3

ntdll

RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry

ws2_32

FreeAddrInfoW
WSAAddressToStringW
WSACleanup
WSAGetLastError
WSAStartup
WSAStringToAddressW
GetAddrInfoW

ole32

CoUninitialize
CoInitializeEx
CoSetProxyBlanket
CoCreateInstance
CoInitializeSecurity
CLSIDFromString

wevtapi

EvtNext
EvtQuery
EvtRender
EvtCreateRenderContext
EvtFormatMessage
EvtOpenPublisherMetadata
EvtClose

advapi32

TraceMessage
FreeSid
AllocateAndInitializeSid
CheckTokenMembership

oleaut32

SafeArrayAccessData
VariantClear
SafeArrayUnaccessData
SysFreeString
SysStringLen
SysAllocString
SysAllocStringByteLen

Sections

.text
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pkqbymr
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9081777ebf1b7ee7afd90034058e8342

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ntdll

ws2_32

ole32

wevtapi

advapi32

oleaut32

Sections

.text Size: 65KB - Virtual size: 64KB

.data Size: 512B - Virtual size: 26KB

.pdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 24KB - Virtual size: 24KB

pkqbymr Size: - Virtual size: 4KB

.text
Size: 65KB - Virtual size: 64KB

.data
Size: 512B - Virtual size: 26KB

.pdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 24KB - Virtual size: 24KB

pkqbymr
Size: - Virtual size: 4KB