c445a76770d80bd1ca5a9c4e33fa82d3abb516d6fbd88d1816900fba578ab7d0

Sharing

Copy URL

Twitter E-mail

General

Target

c445a76770d80bd1ca5a9c4e33fa82d3abb516d6fbd88d1816900fba578ab7d0
Size

213KB
MD5

40d723a88f8d63a0bf9b5d253c0c30c0
SHA1

433ad25fa3c59442b4da684f322a251147f4f1f8
SHA256

c445a76770d80bd1ca5a9c4e33fa82d3abb516d6fbd88d1816900fba578ab7d0
SHA512

290643006586c12144131539547b1995c5ec6983f5d073fe70fc44a8d7ad9674952178b1b1c66959c2a706bd76978453ca86924d1f72442c776e68d51ee8da7d
SSDEEP

6144:VYee2XE1Txq7Y3B99FeT9TlqhausIV6fD:VYelE11qkuTl5usIV

Score

N/A

Malware Config

Signatures

Files

c445a76770d80bd1ca5a9c4e33fa82d3abb516d6fbd88d1816900fba578ab7d0
.exe windows x86

9643b5863f2a89c1a1ed1f899a2cc9ff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyA
RegCloseKey
RegSetValueExA

dbghelp

SymEnumerateSymbols64
FindExecutableImage
StackWalk64
SymEnumerateModules
SymGetLineFromName64

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

CreateFileW
HeapSize
WriteConsoleW
SetStdHandle
FlushFileBuffers
LoadLibraryW
HeapReAlloc
CloseHandle
lstrlenW
lstrcpyW
lstrcpyA
lstrcmpiW
WriteProcessMemory
WritePrivateProfileStringA
WriteFile
WideCharToMultiByte
WaitForDebugEvent
VirtualProtect
VirtualFree
VirtualAlloc
VerLanguageNameA
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
TerminateThread
TerminateProcess
SuspendThread
Sleep
SetThreadPriority
SetThreadLocale
SetThreadContext
SetPriorityClass
SetLastError
SetHandleCount
SetFilePointer
SetEvent
SetConsoleCtrlHandler
SearchPathA
RtlUnwind
ResumeThread
ReadProcessMemory
ReadFile
RaiseException
OpenProcess
MultiByteToWideChar
MulDiv
MoveFileA
LockResource
LoadResource
LoadLibraryA
LeaveCriticalSection
LCMapStringA
IsValidLocale
HeapFree
HeapAlloc
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalMemoryStatus
GlobalLock
GlobalFree
GlobalAlloc
GetWindowsDirectoryA
GetVersionExA
GetVersion
GetUserDefaultLCID
GetTickCount
GetThreadSelectorEntry
GetThreadPriority
GetThreadContext
GetSystemDirectoryA
GetSystemDefaultLangID
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetProcessHeap
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileIntA
GetPriorityClass
GetOEMCP
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLocalTime
GetLastError
GetFileType
GetFileTime
GetFileSize
GetFileAttributesA
GetEnvironmentStrings
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCommandLineA
GetCPInfo
GetACP
FreeLibrary
FlushInstructionCache
FindResourceA
FindNextFileA
FindFirstFileA
FindClose
ExitProcess
EnterCriticalSection
DeleteFileA
DebugActiveProcess
CreateProcessA
CreateFileA
CreateDirectoryA
ContinueDebugEvent
WaitForSingleObject
BackupWrite
GlobalCompact
PeekNamedPipe
GetUserDefaultLangID
GetTempPathW
GetSystemTimeAsFileTime
HeapSetInformation
GetStartupInfoW
IsProcessorFeaturePresent
DecodePointer
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
InterlockedIncrement
InterlockedDecrement
IsValidCodePage
GetModuleHandleW
LCMapStringW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetConsoleCP
GetConsoleMode

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 242.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 135KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9643b5863f2a89c1a1ed1f899a2cc9ff

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

dbghelp

version

kernel32

Sections

.text Size: 61KB - Virtual size: 61KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 242.0MB

.rsrc Size: 135KB - Virtual size: 136KB

.text
Size: 61KB - Virtual size: 61KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 242.0MB

.rsrc
Size: 135KB - Virtual size: 136KB