d64f3b62349ad5e722e8a1a4f06f0e4e667cba7c715b5f1325ed1644f7462574

General

Target

d64f3b62349ad5e722e8a1a4f06f0e4e667cba7c715b5f1325ed1644f7462574
Size

388KB
MD5

751e09bfb5386cf536262bb01f213c3a
SHA1

4740d51cf76176c7dd8a346a0d91004e1149e681
SHA256

d64f3b62349ad5e722e8a1a4f06f0e4e667cba7c715b5f1325ed1644f7462574
SHA512

612f3cc8e7c88c829304bd65ad765acc92b7fe1a0388f5dd203b6c701a9b769acacb6f181dda3a3fe6139bfc29cb67dba559a23d16f4ecf576d7725e96b6ace8
SSDEEP

6144:1OLYbgnpJGseASRaPNi8BbrTrWLUpo8zZTLShT2RBrmLWp/3H4zxM/:ynrLeCNigbrTrpo8zx+NSB6Wl3Hu

Score

N/A

Malware Config

Signatures

Files

d64f3b62349ad5e722e8a1a4f06f0e4e667cba7c715b5f1325ed1644f7462574
.exe windows x86

1e042aab6d983fa42f6e36c4ef90613d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSCloseServer
WTSDisconnectSession
WTSEnumerateProcessesA
WTSEnumerateProcessesW
WTSEnumerateServersA
WTSCloseServer
WTSDisconnectSession
WTSEnumerateProcessesA
WTSEnumerateProcessesW
WTSEnumerateServersA
WTSCloseServer
WTSDisconnectSession
WTSEnumerateProcessesA
WTSEnumerateProcessesW
WTSEnumerateServersA
WTSCloseServer
WTSDisconnectSession
WTSEnumerateProcessesA
WTSEnumerateProcessesW
WTSEnumerateServersA
WTSCloseServer
WTSCloseServer
WTSCloseServer
WTSCloseServer

kernel32

HeapCreate
GetWindowsDirectoryA
TlsFree
SizeofResource
_lopen
FindClose
GetACP
LZRead
TlsFree
TlsFree
EnumSystemGeoID
GetConsoleTitleA
GlobalFree
DeleteAtom
DuplicateConsoleHandle
DuplicateHandle
EncodePointer
GlobalFree
CreateSocketHandle
EnterCriticalSection
RtlUnwind
IsBadReadPtr
SetStdHandle
GlobalFix
GetFileTime
FreeEnvironmentStringsA
UnhandledExceptionFilter
ExitProcess
Beep
GetWriteWatch
EncodePointer
HeapWalk
LCMapStringW
LCMapStringA

Sections

.text
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 498KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 380KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1e042aab6d983fa42f6e36c4ef90613d

Headers

File Characteristics

Imports

wtsapi32

kernel32

Sections

.text Size: 512B - Virtual size: 472B

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 498KB

.rsrc Size: 380KB - Virtual size: 384KB

.DATA Size: 512B - Virtual size: 4KB

.text
Size: 512B - Virtual size: 472B

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 498KB

.rsrc
Size: 380KB - Virtual size: 384KB

.DATA
Size: 512B - Virtual size: 4KB