Static task
static1
Behavioral task
behavioral1
Sample
4b09f0bdd124455bd60b0fbde3be398061a8f4935c69a577cae7e08c76fa1ead.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
4b09f0bdd124455bd60b0fbde3be398061a8f4935c69a577cae7e08c76fa1ead.exe
Resource
win10v2004-20220812-en
General
-
Target
4b09f0bdd124455bd60b0fbde3be398061a8f4935c69a577cae7e08c76fa1ead
-
Size
676KB
-
MD5
649e9fd293a00204beaf7d9ee23fbac0
-
SHA1
017fa6b098d5b0f00d07422ecce6cbecce69aacf
-
SHA256
4b09f0bdd124455bd60b0fbde3be398061a8f4935c69a577cae7e08c76fa1ead
-
SHA512
d517f950cd599274d0b06809f8596d6cca0a0d4d25a9a9a93fb23032fc07c5b6f5ce5b4ca1716ca45c6bfc5d6c2b5357ee5ec2ec29c3a61c9c483b4c16eb1a1e
-
SSDEEP
12288:Efh8V0Oiiyf6XMiRbQ7hEfdhLXBBSk7fK8XhBNEZkPNl:EfhAifirp8kl
Malware Config
Signatures
Files
-
4b09f0bdd124455bd60b0fbde3be398061a8f4935c69a577cae7e08c76fa1ead.exe windows x64
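89bc87b8313550174bee55f2fb53c899 (unlabeled in this extract; it differs from the file MD5 listed above and is presumably the PE import hash — confirm before using it as an indicator)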
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
WaitNamedPipeW
WriteFile
InitializeCriticalSection
CreateEventA
GetVersionExW
LeaveCriticalSection
ReadFile
CreateFileW
DisconnectNamedPipe
GetLastError
GetProcAddress
EnterCriticalSection
ResetEvent
DeleteCriticalSection
CloseHandle
GetCurrentProcessId
CreateNamedPipeW
CreateThread
PeekNamedPipe
OpenProcess
GetOverlappedResult
FlushFileBuffers
CreateNamedPipeA
WaitForMultipleObjects
GetCommandLineA
Sleep
FreeLibrary
WideCharToMultiByte
LoadLibraryA
GetModuleHandleW
CallNamedPipeW
ConnectNamedPipe
SetEvent
WaitForSingleObject
LocalFree
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
DecodePointer
EncodePointer
GetVersionExA
GetCurrentThread
GetCurrentProcess
LocalAlloc
TlsSetValue
CreateSemaphoreA
TlsAlloc
TlsGetValue
CreateMutexW
TlsFree
MultiByteToWideChar
user32
TranslateMessage
DispatchMessageA
GetMessageA
advapi32
ConvertSidToStringSidA
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetTokenInformation
OpenProcessToken
OpenThreadToken
ConvertStringSecurityDescriptorToSecurityDescriptorA
shell32
SHGetFileInfoW
msvcp100
?_Xout_of_range@std@@YAXPEBD@Z
?_Swap_all@_Container_base0@std@@QEAAXAEAU12@@Z
?_Xlength_error@std@@YAXPEBD@Z
msvcr100
_vsnwprintf_s
swscanf_s
__C_specific_handler
_unlock
__dllonexit
_lock
_onexit
_amsg_exit
__wgetmainargs
_XcptFilter
_exit
_cexit
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
memset
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__CxxFrameHandler3
wcscat_s
wcstok_s
_set_invalid_parameter_handler
strtok_s
vwprintf_s
malloc
free
wcscpy_s
_purecall
??_V@YAXPEAX@Z
??2@YAPEAX_K@Z
memcpy_s
??3@YAXPEAX@Z
_wassert
memmove
??0exception@std@@QEAA@AEBV01@@Z
??0exception@std@@QEAA@AEBQEBD@Z
??1exception@std@@UEAA@XZ
?what@exception@std@@UEBAPEBDXZ
memchr
memcmp
memcpy
__crt_debugger_hook
_CxxThrowException
_wsplitpath_s
Sections
.text Size: 83KB - Virtual size: 83KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
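.reloc Size: 556KB - Virtual size: 2.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Note: .reloc is marked readable, writable and executable, and at 556KB it accounts for most of the 676KB file, far more than the 83KB .text section, while the file header sets IMAGE_FILE_RELOCS_STRIPPED. A relocation section is typically small, non-executable data, so this layout is consistent with packed or appended code and is the first section to examine in static analysis.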