0670dad58d0f2bf6b7501e20490a4b27cbba8b60697ce09df01867c4850756cd

Sharing

Copy URL Twitter E-mail

General

Target

0670dad58d0f2bf6b7501e20490a4b27cbba8b60697ce09df01867c4850756cd
Size

89KB
MD5

6091eab8a82187a9e0f9af6935dd5ecd
SHA1

d72354faa88462bd65a71e0c84a88aab1bc62a2b
SHA256

0670dad58d0f2bf6b7501e20490a4b27cbba8b60697ce09df01867c4850756cd
SHA512

5c180238fd549fe0d4dc3b4a98e08f6efce729111ca2b32161084e031dc95a464487f5adfed642ef10ec3d2c2f0587e27ef7e4f8def41d07043654e547656bde
SSDEEP

1536:8XmI9AwtcQA6DFFw7tsu0d+3QwMcE0GjsWjcd6X:Utj/w724K0GM6X

Score

N/A

Malware Config

Signatures

Files

0670dad58d0f2bf6b7501e20490a4b27cbba8b60697ce09df01867c4850756cd
.exe windows x86

408a0dd3a0548413a1c85c8b992696e8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
ReadFile
GetFileSizeEx
GetLastError
CloseHandle
GetFileSize
SetFilePointer
WriteFile
UnmapViewOfFile
GetCurrentProcess
FlushViewOfFile
GetProcAddress
SetFileAttributesA
CreateFileMappingA
DeviceIoControl
GetModuleFileNameA
GetModuleHandleA
SetFilePointerEx
MapViewOfFile
CreateFileA
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
HeapFree
HeapAlloc
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetCurrentThreadId
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleCP
GetConsoleMode
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
RtlUnwind
LoadLibraryExW
OutputDebugStringW
SetStdHandle
WriteConsoleW
GetStringTypeW
HeapReAlloc
FlushFileBuffers
HeapSize
LCMapStringW
CreateFileW

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

imagehlp

MakeSureDirectoryPathExists

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

408a0dd3a0548413a1c85c8b992696e8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

imagehlp

Sections

.text Size: 57KB - Virtual size: 56KB

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 57KB - Virtual size: 56KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 4KB - Virtual size: 3KB