2c9fbec6a693beb4f5b25726dddb1cfbf0a1f489d69868ab23d48d3af25db425

Sharing

Copy URL Twitter E-mail

General

Target

2c9fbec6a693beb4f5b25726dddb1cfbf0a1f489d69868ab23d48d3af25db425
Size

52KB
MD5

597009348e12b8cb3bc6290c4903b9b9
SHA1

87b665f93531a758da26364d8280a1848f1c8baf
SHA256

2c9fbec6a693beb4f5b25726dddb1cfbf0a1f489d69868ab23d48d3af25db425
SHA512

d8a6c3e93d57ab4739af6a0728b5d94ce83925a89b80e74f93e3bb5ba38b45e4e821101be1838f97bed2b810d3c89c4d91d32d8e65d1f31577d29e00a6410868
SSDEEP

768:TuuLUSm3S5cIJpNoRqyW/cUgNzURDQempfgjUlCYjiU9kzwi:SuLpm3S5cIXX/gNzUqelglCYjt9kz

Score

N/A

Malware Config

Signatures

Files

2c9fbec6a693beb4f5b25726dddb1cfbf0a1f489d69868ab23d48d3af25db425
.exe windows x86

63420c40dabeea03c84143ab1295d563

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_purecall
_onexit
malloc
_CxxThrowException
__dllonexit
memcpy_s
memset
__CxxFrameHandler3
memmove_s
_unlock
_lock
_except_handler4_common
_controlfp
?terminate@@YAXXZ
_wcmdln
calloc
??0exception@@QAE@ABV0@@Z
_initterm
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@XZ
??1type_info@@UAE@XZ
__setusermatherr
__p__fmode
_cexit
_exit
exit
__set_app_type
__wgetmainargs
_amsg_exit
__p__commode
?what@exception@@UBEPBDXZ
_callnewh
free
_XcptFilter

api-ms-win-core-synch-l1-2-0

EnterCriticalSection
ResetEvent
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WaitForSingleObject
InitializeSRWLock
SetEvent
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
Sleep
InitOnceExecuteOnce
CreateEventW

api-ms-win-core-interlocked-l1-2-0

InterlockedDecrement
InterlockedIncrement
InterlockedCompareExchange
InterlockedExchange

api-ms-win-core-processthreads-l1-1-1

TerminateProcess
GetExitCodeThread
GetStartupInfoW
SetProcessShutdownParameters
GetCurrentProcess
GetCurrentThread
CreateThread
GetCurrentThreadId
SetThreadPriority
GetCurrentProcessId
GetThreadPriority

api-ms-win-core-errorhandling-l1-1-1

GetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError

api-ms-win-core-libraryloader-l1-1-1

LoadStringW
GetModuleHandleW
GetModuleHandleA

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-2-0

GetTickCount
GetSystemTimeAsFileTime

rpcrt4

RpcAsyncCompleteCall
RpcAsyncInitializeHandle
RpcStringBindingComposeW
RpcBindingSetAuthInfoExW
RpcBindingFromStringBindingW
NdrAsyncClientCall
NdrClientCall2
RpcAsyncCancelCall
RpcBindingFree
RpcStringFreeW

api-ms-win-core-com-l1-1-0

CoInitializeSecurity
CoCreateInstance
CoEnableCallCancellation
CoDisableCallCancellation
CoCancelCall
CoUninitialize
CoInitializeEx

api-ms-win-security-base-l1-2-0

FreeSid
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
GetSecurityDescriptorControl
SetSecurityDescriptorOwner
IsValidSid
InitializeSecurityDescriptor
MakeAbsoluteSD
GetSidSubAuthority
InitializeSid
GetSidLengthRequired
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
AddAce
GetAclInformation
CopySid

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-heap-l1-2-0

GetProcessHeap
HeapDestroy
HeapAlloc
HeapSize
HeapReAlloc
HeapFree
HeapCreate

ntdll

DbgPrintEx
EtwTraceMessage
NtSetInformationProcess
RtlUnhandledExceptionFilter

oleaut32

SysAllocString
SysFreeString
VariantClear

api-ms-win-core-debug-l1-1-1

IsDebuggerPresent
OutputDebugStringA

api-ms-win-core-registry-l1-1-0

RegGetValueW

api-ms-win-core-string-l1-1-0

WideCharToMultiByte

api-ms-win-core-threadpool-legacy-l1-1-0

CreateTimerQueueTimer
DeleteTimerQueueTimer

api-ms-win-core-heap-obsolete-l1-1-0

LocalFree

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI
DelayLoadFailureHook

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

63420c40dabeea03c84143ab1295d563

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

api-ms-win-core-synch-l1-2-0

api-ms-win-core-interlocked-l1-2-0

api-ms-win-core-processthreads-l1-1-1

api-ms-win-core-errorhandling-l1-1-1

api-ms-win-core-libraryloader-l1-1-1

api-ms-win-core-profile-l1-1-0

api-ms-win-core-sysinfo-l1-2-0

rpcrt4

api-ms-win-core-com-l1-1-0

api-ms-win-security-base-l1-2-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-heap-l1-2-0

ntdll

oleaut32

api-ms-win-core-debug-l1-1-1

api-ms-win-core-registry-l1-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-threadpool-legacy-l1-1-0

api-ms-win-core-heap-obsolete-l1-1-0

api-ms-win-core-apiquery-l1-1-0

api-ms-win-core-delayload-l1-1-1

Sections

.text Size: 39KB - Virtual size: 39KB

.data Size: 1KB - Virtual size: 1KB

.idata Size: 5KB - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 39KB - Virtual size: 39KB

.data
Size: 1KB - Virtual size: 1KB

.idata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 2KB