2de0b4b8a5aa10bbe123aa2628397ffb89ef0fb41db2dbe7b5d437b2ec562acb

Sharing

Copy URL Twitter E-mail

General

Target

2de0b4b8a5aa10bbe123aa2628397ffb89ef0fb41db2dbe7b5d437b2ec562acb
Size

36KB
MD5

67a5fc36d852f0852f5f363502189890
SHA1

f7dbf3e9ee74916a8db4fc3c189d6079d871dd48
SHA256

2de0b4b8a5aa10bbe123aa2628397ffb89ef0fb41db2dbe7b5d437b2ec562acb
SHA512

591f44ec367b51b200735c77efc029865201afd6673306403d7c952de4f3304bf1d9603b94a291eb492139a717260da1cb43faa4fca7a726a2de2784906a6c99
SSDEEP

768:DEBtL0cMJSj0s04+2L4PzWZJesT1V6HLs/u/3:DEBZ0cJ0u+2L8zog6u/3

Score

N/A

Malware Config

Signatures

Files

2de0b4b8a5aa10bbe123aa2628397ffb89ef0fb41db2dbe7b5d437b2ec562acb
.exe windows x86

c9b7cc20c5b0487aff149aa9847dc526

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
InterlockedDecrement
WaitForSingleObject
SetEvent
SetThreadPreferredUILanguages
GetModuleHandleW
HeapSetInformation
GetCommandLineW
GetFullPathNameW
CreateEventW
CloseHandle
GetCurrentDirectoryW
FormatMessageW
GetStdHandle
WriteConsoleW
LocalAlloc
WideCharToMultiByte
WriteFile
LocalFree
GetFileType
GetConsoleMode
InterlockedExchange
Sleep
InterlockedCompareExchange
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetLastError

msvcrt

_controlfp
_except_handler4_common
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
__set_app_type
__CxxFrameHandler3
_purecall
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
wcschr
wcstok_s
_wcsicmp
??2@YAPAXI@Z
_vsnwprintf
??3@YAXPAX@Z
_unlock

ole32

CoCreateInstance
CoUninitialize
CoInitializeEx
CoTaskMemFree

oleaut32

SysAllocString
SysFreeString

advapi32

DeregisterEventSource
RegisterEventSourceW

user32

LoadStringW

Exports

Exports

??0CTcpMib@@QAE@ABV0@@Z
??0CTcpMib@@QAE@XZ
??1CTcpMib@@UAE@XZ
??4CTcpMib@@QAEAAV0@ABV0@@Z
??_7CTcpMib@@6B@

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c9b7cc20c5b0487aff149aa9847dc526

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ole32

oleaut32

advapi32

user32

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 13KB

.data Size: 512B - Virtual size: 5KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 19KB - Virtual size: 22KB

.text
Size: 13KB - Virtual size: 13KB

.data
Size: 512B - Virtual size: 5KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 19KB - Virtual size: 22KB