cc15c8aca1c5350309ef45048d5939a3b8c7861e21169a83d5a1c0af0d4e98ef

Sharing

Copy URL Twitter E-mail

General

Target

cc15c8aca1c5350309ef45048d5939a3b8c7861e21169a83d5a1c0af0d4e98ef
Size

190KB
MD5

6954633647c1075da61c750dd9f4af50
SHA1

99dbb116178d8be9d5310bb6633e3a2b480bf914
SHA256

cc15c8aca1c5350309ef45048d5939a3b8c7861e21169a83d5a1c0af0d4e98ef
SHA512

0424eb29c7a6a579d31686c880363c6b66fbcd25c7b27050d27debabe66a3a6eefe2b19cf86c3e2f9969e52048596f771c47265c6ce7e8f8c0ea342c51d735c7
SSDEEP

3072:OhIoohYkQr0jeLwJr95rJolNAzyP+msVK0ZMcD/10:iItYQqLwhHrWsOP+5VTt/10

Score

N/A

Malware Config

Signatures

Files

cc15c8aca1c5350309ef45048d5939a3b8c7861e21169a83d5a1c0af0d4e98ef
.exe windows x64

2e2c5e54757e680ba0b441bc31313ccc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegQueryValueExW
EventUnregister
RegOpenKeyExW
EventRegister
RegCloseKey
EventWrite

kernel32

ExitProcess
GetCommandLineW
CreateMutexW
SetErrorMode
FreeLibrary
HeapAlloc
HeapFree
SetProcessDEPPolicy
SetEvent
GetModuleHandleW
GetCurrentThread
GetProcessHeap
LoadLibraryW
CompareStringOrdinal
FormatMessageW
lstrlenW
SetThreadPriority
GetStartupInfoW
GetLastError
GetProcAddress
SetCurrentDirectoryW
OpenEventW
CloseHandle
LocalFree
ExpandEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RaiseException
LoadLibraryA
LocalAlloc

user32

GetSystemMetrics
MessageBoxW
SendMessageTimeoutW
ShowWindow
GetDesktopWindow
GetClassNameW
FindWindowW
GetParent
SetForegroundWindow
IsIconic
GetWindow
GetWindowThreadProcessId
IsWindowVisible

ws2_32

WSAStartup
WSACleanup

ntdll

memset

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2e2c5e54757e680ba0b441bc31313ccc

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

ws2_32

ntdll

Sections

.text Size: 10KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 512B - Virtual size: 168B

.rsrc Size: 150KB - Virtual size: 150KB

.reloc Size: 27KB - Virtual size: 28KB

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 168B

.rsrc
Size: 150KB - Virtual size: 150KB

.reloc
Size: 27KB - Virtual size: 28KB