c05e641a06b34ffef4ff81e4ca2a898d683f8416de465daba11448b0ef45dc87

General

Target

c05e641a06b34ffef4ff81e4ca2a898d683f8416de465daba11448b0ef45dc87
Size

252KB
MD5

517ea29356433b22b772a6b11f0c17a0
SHA1

1638ee4cbfaed3f7064e112d2b7e0eca23222b53
SHA256

c05e641a06b34ffef4ff81e4ca2a898d683f8416de465daba11448b0ef45dc87
SHA512

b62e8e8bbcd7dba05d21ce3f74a57a0690d6e745619c59e54e1339f3f9b52c659041a99e8f492a5d3b6f6e0abe234f0b7a019a8b61b5cb6f1e44cff4fe7c4838
SSDEEP

6144:NL9nYTNWFRQeVip1e/o/kO1SL/19HERDtK85fU:bn7hu7e9dERxK85

Score

N/A

Malware Config

Signatures

Files

c05e641a06b34ffef4ff81e4ca2a898d683f8416de465daba11448b0ef45dc87
.exe windows x64

b45ea26bc71ef22e5502161425923695

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

regapi

RegQueryUtilityCommandList
RegFreeUtilityCommandList

user32

LoadStringW

kernel32

RtlCaptureContext
SetUnhandledExceptionFilter
QueryPerformanceCounter
RtlLookupFunctionEntry
RtlVirtualUnwind
SetThreadUILanguage
GetConsoleOutputCP
HeapSetInformation
SearchPathW
FreeLibrary
CreateProcessW
WaitForSingleObject
GetModuleHandleW
LoadLibraryW
FormatMessageW
WriteConsoleW
MultiByteToWideChar
GetStdHandle
GetLastError
SetLastError
GetFileType
CloseHandle
GetCommandLineW
LocalAlloc
LocalFree
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
Sleep

msvcrt

_iob
wcscat_s
wcscpy_s
memmove
__getmainargs
__C_specific_handler
_XcptFilter
_exit
_cexit
exit
_initterm
_amsg_exit
__setusermatherr
_commode
_fmode
_ultoa
?terminate@@YAXXZ
vswprintf_s
malloc
free
fwprintf
vfwprintf
wcschr
_wsetlocale
setlocale
_wcsnicmp
swprintf_s
__set_app_type
memset

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 236KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b45ea26bc71ef22e5502161425923695

Headers

DLL Characteristics

File Characteristics

Imports

regapi

user32

kernel32

msvcrt

Sections

.text Size: 11KB - Virtual size: 10KB

.data Size: 1024B - Virtual size: 6KB

.pdata Size: 512B - Virtual size: 312B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 236KB - Virtual size: 460KB

.text
Size: 11KB - Virtual size: 10KB

.data
Size: 1024B - Virtual size: 6KB

.pdata
Size: 512B - Virtual size: 312B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 236KB - Virtual size: 460KB