fe729af46c2b657ba3ac44af2934713db6cd7aee5074bd5c279174ed60714341

Sharing

Copy URL Twitter E-mail

General

Target

fe729af46c2b657ba3ac44af2934713db6cd7aee5074bd5c279174ed60714341
Size

55KB
MD5

65eb2f793711da82ecaab2aec146e7f0
SHA1

46d6b276d210fd26277062ba8b9f02cc5b3a6d8e
SHA256

fe729af46c2b657ba3ac44af2934713db6cd7aee5074bd5c279174ed60714341
SHA512

ed1bc6f258718dd50d6ad1a7db8e559e92c3b84f199247589bb64958dd09d6b72015aebefd9a1bad8de6d6ce80296776b755a8920d8c3689d15d5d88369593b6
SSDEEP

1536:pITUEOdK18ihLc5oBN3IL3Cu2mhwMwRWw4LGmlLRKP15u0:CTUv6MYN3IeOhMoPGmtYK

Score

N/A

Malware Config

Signatures

Files

fe729af46c2b657ba3ac44af2934713db6cd7aee5074bd5c279174ed60714341
.exe windows x86

f5f172d1d9683f90973de1d623804fe5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetConsoleCtrlHandler
Sleep
SetConsoleCursorPosition
ReadConsoleInputW
PeekConsoleInputW
GetConsoleScreenBufferInfo
FlushConsoleInputBuffer
GetNumberOfConsoleInputEvents
SetConsoleMode
GetConsoleMode
GetStdHandle
SetLastError
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
GetModuleFileNameW
GetConsoleOutputCP
GetSystemDirectoryW
LoadLibraryW
FreeLibrary
HeapReAlloc
HeapFree
WriteConsoleW
HeapSize
HeapAlloc
GetProcessHeap
HeapValidate
WideCharToMultiByte
CompareStringA
GetThreadLocale
CompareStringW
lstrlenW
GetFileType
VerifyVersionInfoW
FormatMessageW
LocalFree
GetLastError

user32

CharUpperW
LoadStringW

ws2_32

WSACleanup

shlwapi

StrChrIW
StrStrW
StrStrIW
StrChrW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

msvcrt

_adjust_fdiv
__setusermatherr
fprintf
fflush
wcstod
_initterm
_except_handler3
_fileno
wcstol
_errno
_iob
time
_vsnwprintf
_controlfp
__set_app_type
__p__fmode
__wgetmainargs
__winitenv
exit
_cexit
_XcptFilter
_get_osfhandle
__p__commode
_exit
_c_exit
wcstoul

ntdll

VerSetConditionMask

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ddonvco
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f5f172d1d9683f90973de1d623804fe5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ws2_32

shlwapi

version

msvcrt

ntdll

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 512B - Virtual size: 384B

.rsrc Size: 33KB - Virtual size: 34KB

ddonvco Size: - Virtual size: 4KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 512B - Virtual size: 384B

.rsrc
Size: 33KB - Virtual size: 34KB

ddonvco
Size: - Virtual size: 4KB