dd183fac7e84a39c0e3fc55996baf4acbaec403dbde34fdf4e1def438baafe6b

Sharing

Copy URL Twitter E-mail

General

Target

dd183fac7e84a39c0e3fc55996baf4acbaec403dbde34fdf4e1def438baafe6b
Size

314KB
MD5

439cfe7fec376028d59d5d4a63bab040
SHA1

ef8feeced3f1ae565b441b34c69a8c73c46f231b
SHA256

dd183fac7e84a39c0e3fc55996baf4acbaec403dbde34fdf4e1def438baafe6b
SHA512

7b00b69d35cd01b68090df1b6cbe7153331e38406260d480323bd39ba627e1d6100061413ed0000cf94409b6cbb5f34a52d91fc64e5e89fb8e41e7b0247d69d5
SSDEEP

6144:G3GF7LHaOYP72iL/yTupcOs+a2OkjQjc3ixSxKcfuCle3VFEDeq9z5qRZ0g+:YGF7p672ilKOsTkjqc3eeFdDeq9VKj+

Score

N/A

Malware Config

Signatures

Files

dd183fac7e84a39c0e3fc55996baf4acbaec403dbde34fdf4e1def438baafe6b
.exe windows x86

a66d1d5150df7a93f0a1d9954048c827

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesW
GetModuleFileNameW
CreateFileW
GetLastError
GetProcAddress
CloseHandle
SetFileAttributesW
SizeofResource
SetFileTime
SetFilePointer
ReadFile
Sleep
WriteFile
GetProcessHeap
GetModuleHandleW
HeapFree
GetCurrentProcess
MoveFileExW
HeapAlloc
LoadResource
FindResourceW
CreateDirectoryW
GetTempFileNameW
DeleteFileW
RaiseException
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
LCMapStringW
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
InitializeCriticalSectionAndSpinCount
LoadLibraryA

advapi32

QueryServiceConfigW
RegOpenKeyExW
GetFileSecurityW
DuplicateToken
RegQueryValueExW
AccessCheck
OpenServiceW
MapGenericMask
OpenSCManagerW
OpenProcessToken
CloseServiceHandle
RegCloseKey

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 203KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

algokai
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a66d1d5150df7a93f0a1d9954048c827

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 61KB - Virtual size: 60KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 3KB - Virtual size: 14KB

.rsrc Size: 203KB - Virtual size: 203KB

.reloc Size: 33KB - Virtual size: 34KB

algokai Size: - Virtual size: 4KB

.text
Size: 61KB - Virtual size: 60KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 3KB - Virtual size: 14KB

.rsrc
Size: 203KB - Virtual size: 203KB

.reloc
Size: 33KB - Virtual size: 34KB

algokai
Size: - Virtual size: 4KB