70abcd2cc681cfdfc02ae7b9af0e2ffffe20712d032aaa8eea57ebf8d15dd61f

Sharing

Copy URL

Twitter E-mail

General

Target

70abcd2cc681cfdfc02ae7b9af0e2ffffe20712d032aaa8eea57ebf8d15dd61f
Size

30KB
MD5

6596003e672c31e8780b89e98ebf20b0
SHA1

6ff580454324c64c7f1aebdfb0c6c802b8d8b6e7
SHA256

70abcd2cc681cfdfc02ae7b9af0e2ffffe20712d032aaa8eea57ebf8d15dd61f
SHA512

8ba092bf57a15e03d4c3d9523818d2bfeaf36ddb1a0e389a0787bf1022e2ee46297778d31acfbf58a6d3cd63141be6c3f851466f4cff7d9bc138df0577423062
SSDEEP

768:xMyaD/Z9wuQDlnFXxFlQ8jgsorN3X10moR:xo1QDTBjqH10x

Score

N/A

Malware Config

Signatures

Files

70abcd2cc681cfdfc02ae7b9af0e2ffffe20712d032aaa8eea57ebf8d15dd61f
.exe windows x86

d8a73106fe3b40ff2a6b6f7538f72355

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CredUnprotectW
CredIsProtectedW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
CheckTokenMembership

kernel32

HeapAlloc
GetProcessHeap
HeapFree
LocalFree
GetLastError
LocalAlloc
FreeLibrary
GetProcAddress
LoadLibraryW
ExpandEnvironmentStringsW
SetEvent
CloseHandle
WaitForSingleObject
CreateEventW
HeapSetInformation
DelayLoadFailureHook
InterlockedCompareExchange
LoadLibraryExA
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoA
Sleep
InterlockedExchange
UnhandledExceptionFilter

msvcrt

_controlfp
__p__commode
?terminate@@YAXXZ
_except_handler4_common
__set_app_type
__setusermatherr
_vsnwprintf
memcpy
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
memset
__p__fmode

rpcrt4

UuidFromStringW
NdrServerCall2
RpcServerUseProtseqW
RpcServerRegisterIfEx
RpcServerInqBindings
RpcEpRegisterW
RpcServerListen
RpcEpUnregister
RpcBindingVectorFree
RpcServerUnregisterIf
RpcBindingInqAuthClientW
RpcRevertToSelf
RpcImpersonateClient
I_RpcBindingIsClientLocal

ntdll

RtlNtStatusToDosError

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d8a73106fe3b40ff2a6b6f7538f72355

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

msvcrt

rpcrt4

ntdll

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 916B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 18KB - Virtual size: 21KB

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 916B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 18KB - Virtual size: 21KB