8e89f8f66882f6afbd91895559f31d988da02cb10f83f4fca0bffbb7a089d28a

Sharing

Copy URL Twitter E-mail

General

Target

8e89f8f66882f6afbd91895559f31d988da02cb10f83f4fca0bffbb7a089d28a
Size

347KB
MD5

65cf3f9349798156944aa82597050f60
SHA1

01077e8f3ade812c46a8b9ef6b740d8f4a2eb837
SHA256

8e89f8f66882f6afbd91895559f31d988da02cb10f83f4fca0bffbb7a089d28a
SHA512

d2240aa45d6a9676fd2e28c068323407cd5c86c621688f44d73dcf8884f1dd377df92159c900130d3e27a8cfabd619f685062d07150015cb7f51915937243570
SSDEEP

6144:ix7+5+1kf15G16kcayMKZQJ99yqOwleYDuhALnWa:bj18ILMKQJ90qHleY1

Score

N/A

Malware Config

Signatures

Files

8e89f8f66882f6afbd91895559f31d988da02cb10f83f4fca0bffbb7a089d28a
.exe windows x64

32bdb77c6cf258944cb642fa43112b6e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegOpenKeyExW
RegCloseKey
RegEnumValueW

kernel32

GetCommandLineW
GetModuleHandleW
lstrlenW
GetStartupInfoW
HeapSetInformation
ExpandEnvironmentStringsW
GetCurrentProcess
TerminateProcess
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
Sleep
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId

user32

AllowSetForegroundWindow

msvcrt

memcpy
_fmode
__setusermatherr
_amsg_exit
?terminate@@YAXXZ
_acmdln
exit
_cexit
_ismbblead
_exit
_XcptFilter
__C_specific_handler
__getmainargs
_vsnwprintf
_initterm
__set_app_type
_commode
memset

ntdll

RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoInitializeEx
CoUninitialize

shell32

ShellExecuteExW

shlwapi

ord158
ord437
StrTrimW

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 236KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32bdb77c6cf258944cb642fa43112b6e

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

msvcrt

ntdll

ole32

shell32

shlwapi

Sections

.text Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 512B - Virtual size: 276B

.rsrc Size: 98KB - Virtual size: 98KB

.reloc Size: 236KB - Virtual size: 460KB

.text
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 276B

.rsrc
Size: 98KB - Virtual size: 98KB

.reloc
Size: 236KB - Virtual size: 460KB