52e6186530bf30bfb51ce79c0d934d09ca062e19a3a8fb02ba09c07157827264

Sharing

Copy URL Twitter E-mail

General

Target

52e6186530bf30bfb51ce79c0d934d09ca062e19a3a8fb02ba09c07157827264
Size

59KB
MD5

6e61a6c7003f1e0c51ed0e098ca7df60
SHA1

aa4f7f58ce5111a31bf3172e83efab96cacc86ea
SHA256

52e6186530bf30bfb51ce79c0d934d09ca062e19a3a8fb02ba09c07157827264
SHA512

22a57817f07562ffc11f5f1e34848598a91aae09db0feda41db6880f96389f7f14dbd9370ad1623e34d4b548658f71cbd1cefc4b2d465401ea895e935fa74863
SSDEEP

1536:XGrE5ZqkSafIFT6hNErcXl46FHwxq5pWtN6xHWG:XA3ja6T6heqRcnGd

Score

N/A

Malware Config

Signatures

Files

52e6186530bf30bfb51ce79c0d934d09ca062e19a3a8fb02ba09c07157827264
.exe windows x86

5901df746cac12bd9732231843213ec2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CloseHandle
GetCurrentProcess
GetCurrentThread
LocalFree
OpenProcess
FreeLibrary
GetProcAddress
LoadLibraryW
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalAlloc
FormatMessageW
GetModuleHandleW
Sleep
RaiseException
LoadLibraryA
SetThreadUILanguage
GetConsoleOutputCP
WideCharToMultiByte
GetProcessHeap
HeapAlloc
GetStdHandle
WriteFile
HeapFree
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
OutputDebugStringA
InterlockedCompareExchange
InterlockedExchange

msvcrt

__setusermatherr
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_controlfp
free
mbtowc
__mb_cur_max
_amsg_exit
_snprintf
_itoa
wctomb
malloc
ferror
__badioinfo
__pioinfo
_fileno
_lseeki64
_write
_isatty
??3@YAXPAX@Z
isleadbyte
_wsetlocale
fwprintf
_vsnwprintf
??2@YAPAXI@Z
memset
exit
memcpy
strtol
fprintf
_iob
__CxxFrameHandler
_initterm
_XcptFilter
_exit
_cexit
__getmainargs
_errno

ntdll

RtlUnwind
NtOpenThreadToken
RtlAdjustPrivilege
RtlInitString
NtQueryInformationToken
NtDuplicateToken
NtSetInformationThread
NtClose

user32

LoadStringW

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tefhuat
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5901df746cac12bd9732231843213ec2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ntdll

user32

Sections

.text Size: 26KB - Virtual size: 26KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 29KB - Virtual size: 30KB

tefhuat Size: - Virtual size: 4KB

.text
Size: 26KB - Virtual size: 26KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 29KB - Virtual size: 30KB

tefhuat
Size: - Virtual size: 4KB