81184a75ee624535d14a6d2346ef4a7844a96c69588434e6df0a3c4340b1c23b

Sharing

Copy URL Twitter E-mail

General

Target

81184a75ee624535d14a6d2346ef4a7844a96c69588434e6df0a3c4340b1c23b
Size

39KB
MD5

13203c8c481e0c1713e3bed86f6e9060
SHA1

dc28ac523cfdd9270d5481c5c7980bdca14b88eb
SHA256

81184a75ee624535d14a6d2346ef4a7844a96c69588434e6df0a3c4340b1c23b
SHA512

7b765e13bc557eb37379347ab0325d20ed8b08c23e2a652eeeb88f1151d1794542acde3fa8c4075dfdc36423a0bd83be9e0fb0421c35c650e48a65fa4ebb986b
SSDEEP

768:B90OGZSxhMjy2vGfG7Tu2WNBg3k0EacburYbqnBsqglkUl5GibL:BiBjy2vGfG6BgU0Hcisbqqb2U6w

Score

N/A

Malware Config

Signatures

Files

81184a75ee624535d14a6d2346ef4a7844a96c69588434e6df0a3c4340b1c23b
.exe windows x86

2a5aae458fc0d4b12c3c293f26469545

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
LocalFree
GetLastError
LocalAlloc
FormatMessageW
SetThreadUILanguage
GetConsoleOutputCP
WideCharToMultiByte
GetProcessHeap
HeapAlloc
GetStdHandle
WriteFile
HeapFree
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange

msvcrt

_amsg_exit
_iob
fwprintf
_controlfp
_except_handler4_common
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_wsetlocale
_initterm
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_wtoi
wcsstr
memset
_vsnwprintf
wprintf
_wcsicmp

ntdll

RtlGUIDFromString
RtlNtStatusToDosError

user32

LoadStringW

vaultcli

VaultCreateVault
VaultGetItemType
VaultSetInformation
VaultEnumerateItems
VaultRemoveItem
VaultAddItem
VaultCloseVault
VaultLockVault
VaultFree
VaultGetInformation
VaultOpenVault
VaultUnlockVault
VaultEnumerateVaults
VaultLoadVaults
VaultUnloadVaults
VaultCopyVault
VaultEnumerateItemTypes

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2a5aae458fc0d4b12c3c293f26469545

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ntdll

user32

vaultcli

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 512B - Virtual size: 968B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 18KB - Virtual size: 21KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 512B - Virtual size: 968B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 18KB - Virtual size: 21KB