37dda47dfefe54e7f3625e5cdf17cfae52c2d2b7ea899136906f8bba50c0d6e8

Sharing

Copy URL Twitter E-mail

General

Target

37dda47dfefe54e7f3625e5cdf17cfae52c2d2b7ea899136906f8bba50c0d6e8
Size

248KB
MD5

63faebe9dc8c2af8dfc6ca6deed0561d
SHA1

8373204f2bd0d5d737e9d615ddc53ad88a0c5a63
SHA256

37dda47dfefe54e7f3625e5cdf17cfae52c2d2b7ea899136906f8bba50c0d6e8
SHA512

07777c14aed5d9f0bf80a04282b3894a1abb05bcc26412dfa78f94854d2bcdc156344aa6c4c47e8bf11a0e77f42cb98e7a8e3b79ac5e7183460a1604b8181849
SSDEEP

6144:xlzdkxShjUI34yxkAyYrqH5MhKMJ4Q4c2j4:xFdk8hjF34PAvqH5kJX

Score

N/A

Malware Config

Signatures

Files

37dda47dfefe54e7f3625e5cdf17cfae52c2d2b7ea899136906f8bba50c0d6e8
.exe windows x86

2e403723ccdebdb90ac410745c53746b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

GetHGlobalFromStream
CoQueryProxyBlanket
CoInitializeEx
OleQueryLinkFromData

advapi32

RegLoadKeyA
AddAccessAllowedAce
AddAccessDeniedObjectAce
RegDeleteValueW
RegUnLoadKeyA
SetServiceObjectSecurity
CreateServiceA
LookupPrivilegeValueA
OpenSCManagerW
RegSetValueExA

kernel32

TlsAlloc
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
EncodePointer
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryW
Sleep
HeapFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapSize
HeapReAlloc
FlushFileBuffers
LCMapStringW
MultiByteToWideChar
GetStringTypeW
IsProcessorFeaturePresent
SetStdHandle
WriteConsoleW
CloseHandle
CreateFileW

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e403723ccdebdb90ac410745c53746b

Headers

DLL Characteristics

File Characteristics

Imports

ole32

advapi32

kernel32

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 18KB - Virtual size: 25KB

.rsrc Size: 183KB - Virtual size: 182KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 18KB - Virtual size: 25KB

.rsrc
Size: 183KB - Virtual size: 182KB

.reloc
Size: 3KB - Virtual size: 3KB