b37ecdd85dbe8417211ab0560f2239b1[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

b37ecdd85dbe8417211ab0560f2239b1.exe
Size

1.7MB
MD5

b37ecdd85dbe8417211ab0560f2239b1
SHA1

f97c959c0cf38b1d3c4dc31b90f1a2dc01745b1d
SHA256

8d0c39d51ccfc3b71bde398f812126c3d4bd3e9d9581aa3af15a4e17aa5db311
SHA512

b041487119c167eec92d26481c0e06da2d65ce8f104c0e5baa4ad8284342c4c0a8fff36f526103816870e1c1301f9de667ac1f54dd72f7e649eb56043184de82
SSDEEP

24576:dBrRV7ILkxsWamWZkihMuOk6y2CwLLN6WbSt6opOCk1MNn5rbCNQm5L:dBrb7gkGOk6y2PtgzOun5SNQm5

Score

N/A

Malware Config

Signatures

Files

b37ecdd85dbe8417211ab0560f2239b1.exe
.exe windows x86

d8761a1f54b24cb5e90225a4de0f3bda

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetTickCount
FindResourceExW
GetProcAddress
GlobalAlloc
ConvertFiberToThread
DeleteAtom
SetCommConfig
SetCommMask
EraseTape
CreateWaitableTimerExW
GetPrivateProfileIntW
GetDllDirectoryW
CreateHardLinkW
FindNextFileNameW
SetCalendarInfoA
EnumSystemGeoID
GetSystemDefaultLangID
ReadConsoleInputW
GetConsoleAliasesA
ReleaseMutex
ReleaseSRWLockExclusive
AcquireSRWLockShared
SetLastError
LoadLibraryA
GetLastError
ReadFile
SetEndOfFile
WriteConsoleW
MultiByteToWideChar
HeapAlloc
RaiseException
GetCommandLineW
InterlockedIncrement
InterlockedDecrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCurrentThreadId
EncodePointer
DecodePointer
GetModuleHandleExW
AreFileApisANSI
GetStdHandle
WriteFile
GetModuleFileNameW
GetProcessHeap
IsDebuggerPresent
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
HeapFree
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
Sleep
RtlUnwind
VirtualQuery
GetFileType
InitOnceExecuteOnce
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount64
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetCurrentProcess
TerminateProcess
GetModuleHandleW
WideCharToMultiByte
GetStringTypeW
LoadLibraryExW
OutputDebugStringW
LoadLibraryW
CloseHandle
HeapReAlloc
GetConsoleCP
GetConsoleMode
SetFilePointerEx
LCMapStringEx
HeapSize
FlushFileBuffers
SetStdHandle
CreateFileW
ReadConsoleW

gdi32

CreateDCW
SetAbortProc

advapi32

CloseEventLog
OpenBackupEventLogA

oleaut32

SysAllocString
SysFreeString

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 480KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d8761a1f54b24cb5e90225a4de0f3bda

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

advapi32

oleaut32

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.data Size: 4KB - Virtual size: 13KB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: - Virtual size: 480KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.data
Size: 4KB - Virtual size: 13KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: - Virtual size: 480KB