88cb6b814143790fa13512e2eeb85207b3b54de0e820e45ae13dc9f9e10e0aca

Sharing

Copy URL Twitter E-mail

General

Target

88cb6b814143790fa13512e2eeb85207b3b54de0e820e45ae13dc9f9e10e0aca
Size

379KB
MD5

3e465d742b5a6852fc8a90b32c3de9f0
SHA1

42819839435e636a7d5635c021e3d2a00beaf41f
SHA256

88cb6b814143790fa13512e2eeb85207b3b54de0e820e45ae13dc9f9e10e0aca
SHA512

f5dafb7538bbf1af92478ef61990687f74482ae8e7f613c9437ec8369e86de132acec8660d5b27cd01f549a2a68cd405510d9cf004950736518e3229ac34592c
SSDEEP

6144:aO8FULqRCpD/wAGLnTaSKapitXedmEQ0U3apL3IkcmLUT:aOIULqRCpD/wtLnePWiOg3OMkte

Score

N/A

Malware Config

Signatures

Files

88cb6b814143790fa13512e2eeb85207b3b54de0e820e45ae13dc9f9e10e0aca
.exe windows x86

d31bf15a0695a23adb076065e80ad7ac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
InitializeCriticalSection
ReleaseMutex
WaitForSingleObject
InterlockedExchange
CreateMutexA
lstrcpynA
GetDriveTypeA
GetVolumeInformationA
lstrcmpiA
LeaveCriticalSection
EnterCriticalSection
lstrlenA
GetVolumeInformationW
GetFileAttributesA
GetFileAttributesW
SetFileAttributesW
SetFileAttributesA
GetFullPathNameA
CreateFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
GetVersion
GetFileType
GetFileTime
CreateFileW
ReadFile
SetConsoleMode
GetConsoleMode
WideCharToMultiByte
MultiByteToWideChar
FindFirstFileW
FindNextFileW
FindNextFileA
RemoveDirectoryA
DeleteFileA
HeapSize
GetLastError
GetProcessHeap
HeapAlloc
HeapFree
GetFullPathNameW
CloseHandle
GetSystemTimeAsFileTime
InterlockedDecrement
GetCPInfo
GetDriveTypeW
MoveFileA
SetStdHandle
HeapReAlloc
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetFileInformationByHandle
PeekNamedPipe
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
CreateProcessA
DuplicateHandle
SetConsoleCtrlHandler
InterlockedIncrement
GetCommandLineA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
GetConsoleCP
FlushFileBuffers
DeleteCriticalSection
SetHandleCount
GetStdHandle
GetStartupInfoA
GetTimeZoneInformation
VirtualFree
VirtualAlloc
HeapCreate
GetModuleFileNameA
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RtlUnwind
GetCurrentDirectoryA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
CreatePipe
GetExitCodeProcess
GetModuleHandleA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetEndOfFile
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEnvironmentVariableW

user32

OemToCharA
CharToOemA

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetKernelObjectSecurity
GetSecurityDescriptorLength

Sections

.text
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 330KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d31bf15a0695a23adb076065e80ad7ac

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 228KB - Virtual size: 227KB

.rdata Size: 57KB - Virtual size: 56KB

.data Size: 10KB - Virtual size: 330KB

.rsrc Size: 77KB - Virtual size: 80KB

.text
Size: 228KB - Virtual size: 227KB

.rdata
Size: 57KB - Virtual size: 56KB

.data
Size: 10KB - Virtual size: 330KB

.rsrc
Size: 77KB - Virtual size: 80KB