c061f192c99ac7305f317cd580dc8ea72ed354892d23a66c56e78bb6e28586bd

Sharing

Copy URL Twitter E-mail

General

Target

c061f192c99ac7305f317cd580dc8ea72ed354892d23a66c56e78bb6e28586bd
Size

532KB
MD5

051c730cd4eda1e1e00a5b41ab6e9560
SHA1

2392e4a4784310bd67920bf99d0e66952ab2dec6
SHA256

c061f192c99ac7305f317cd580dc8ea72ed354892d23a66c56e78bb6e28586bd
SHA512

232e0db99099f183ce637deaa7d6d852116d1fd70d14191180befcc2c5dfbaa537c2b319816af93f1702cd8968d9366a0e8a02a60e325f22c4a6423a4979d3de
SSDEEP

12288:WJTD0LAGeo0+wVsLKZGB2zzDTRySWR6VtAB80Oy3byJ:WJTD0LAC+YczzDTRzWR6VtAB80Oy2J

Score

N/A

Malware Config

Signatures

Files

c061f192c99ac7305f317cd580dc8ea72ed354892d23a66c56e78bb6e28586bd
.exe windows x86

5901df746cac12bd9732231843213ec2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CloseHandle
GetCurrentProcess
GetCurrentThread
LocalFree
OpenProcess
FreeLibrary
GetProcAddress
LoadLibraryW
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalAlloc
FormatMessageW
GetModuleHandleW
Sleep
RaiseException
LoadLibraryA
SetThreadUILanguage
GetConsoleOutputCP
WideCharToMultiByte
GetProcessHeap
HeapAlloc
GetStdHandle
WriteFile
HeapFree
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
OutputDebugStringA
InterlockedCompareExchange
InterlockedExchange

msvcrt

__setusermatherr
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_controlfp
free
mbtowc
__mb_cur_max
_amsg_exit
_snprintf
_itoa
wctomb
malloc
ferror
__badioinfo
__pioinfo
_fileno
_lseeki64
_write
_isatty
??3@YAXPAX@Z
isleadbyte
_wsetlocale
fwprintf
_vsnwprintf
??2@YAPAXI@Z
memset
exit
memcpy
strtol
fprintf
_iob
__CxxFrameHandler
_initterm
_XcptFilter
_exit
_cexit
__getmainargs
_errno

ntdll

RtlUnwind
NtOpenThreadToken
RtlAdjustPrivilege
RtlInitString
NtQueryInformationToken
NtDuplicateToken
NtSetInformationThread
NtClose

user32

LoadStringW

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.vmp0
Size: 500KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5901df746cac12bd9732231843213ec2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ntdll

user32

Sections

.text Size: 26KB - Virtual size: 26KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.vmp0 Size: 500KB - Virtual size: 1.6MB

.text
Size: 26KB - Virtual size: 26KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

.vmp0
Size: 500KB - Virtual size: 1.6MB