4271924999ee412c0c237a211fdcd44173b1942fe0721303611743c286a7ea12

General

Target

4271924999ee412c0c237a211fdcd44173b1942fe0721303611743c286a7ea12
Size

201KB
MD5

3e436298d481008e260af5e5ac001150
SHA1

25fdf4602e838e13f9e8117635dc705fce4df0e2
SHA256

4271924999ee412c0c237a211fdcd44173b1942fe0721303611743c286a7ea12
SHA512

35ea147d8485240188b3699176ac6d6dc20e7ca227c234179d9788dabaeb7528b8507fbe0ff899edefce5ead287bbb10fa20d6fe85b81ef6e302b6ebd3d7a323
SSDEEP

6144:EgldMwpuwWoxypdVt1GqM2XjzUH8kKl+owie:EidE/oxyZt1GZ2X3UH8ze

Score

N/A

Malware Config

Signatures

Files

4271924999ee412c0c237a211fdcd44173b1942fe0721303611743c286a7ea12
.exe windows x86

1cf896e77e6e24a31dd11a0dd80292da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetConsoleOutputCP
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
FormatMessageW
LocalFree
SetThreadUILanguage
GetCurrentProcessId
GetModuleHandleW

msvcrt

_controlfp
_except_handler3
_ultow
wcsncpy
wcslen
wprintf
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_wcsicmp
_initterm
__wgetmainargs
__winitenv
exit
_cexit
_XcptFilter
_exit
_c_exit
??2@YAPAXI@Z
_wcsnicmp
_wsetlocale
??3@YAXPAX@Z
_vsnwprintf
__setusermatherr

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

wldap32

ord14
ord88
ord73
ord46
ord155
ord18
ord224
ord118
ord203
ord26
ord140
ord41
ord145

user32

LoadStringW

netapi32

DsGetDcNameW
NetApiBufferFree

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 114KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xfmpqux
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1cf896e77e6e24a31dd11a0dd80292da

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

wldap32

user32

netapi32

Sections

.text Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 64B

.rsrc Size: 114KB - Virtual size: 116KB

xfmpqux Size: 80KB - Virtual size: 80KB

.text
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 64B

.rsrc
Size: 114KB - Virtual size: 116KB

xfmpqux
Size: 80KB - Virtual size: 80KB