9b2ed629875cb2ac39706592a2ade1ae1ff119e656d5f7f3984723fd86f2ecdc

General

Target

9b2ed629875cb2ac39706592a2ade1ae1ff119e656d5f7f3984723fd86f2ecdc
Size

196KB
MD5

7696ed2168995dc7fd85fa6460029a9c
SHA1

0b1fd3fc010d2fb63e0894cf05b89c385266e290
SHA256

9b2ed629875cb2ac39706592a2ade1ae1ff119e656d5f7f3984723fd86f2ecdc
SHA512

a11e51d9dc63c66c0649ec25c2c01fdfe799dc9b3a55edc33068170aa5f81b66c1b711252951aef7d818a7de6e8659374e59e53eb40e980a944855b0776cbcd1
SSDEEP

3072:U45nGhXy1GIPOeNeLDYlu3rXzbarM+OL2KaSkJjIp:vxg4pPt/I3DSoL2KaSkJ2

Score

N/A

Malware Config

Signatures

Files

9b2ed629875cb2ac39706592a2ade1ae1ff119e656d5f7f3984723fd86f2ecdc
.exe windows x86

f0021d092c6122333a5553b5e1ba2b13

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_vsnwprintf
__getmainargs
tolower
_wcsicmp
strlen
sprintf
_initterm
_wcslwr
wcsncmp
_wfullpath
_strtime
wcsncat
_waccess
exit
_adjust_fdiv
strspn
_acmdln
_vsnprintf
atoi
_wcsnicmp
_except_handler3

kernel32

GetSystemTimeAsFileTime
GetModuleHandleW
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
FillConsoleOutputAttribute
GetACP
CreateDirectoryExW
ReadFileEx
SetConsoleMaximumWindowSize
TermsrvAppInstallMode
CreateFileA
GetFileSize
IsBadStringPtrW
VDMOperationStarted
ReadConsoleOutputCharacterW
TlsFree
ScrollConsoleScreenBufferA
FindResourceW
GetProfileStringW
GetConsoleCommandHistoryLengthA
ReadConsoleW
lstrcmp
GetPrivateProfileStructA

ntdll

ZwWriteFileGather
RtlInitializeCriticalSectionAndSpinCount
_splitpath
ZwQueryFullAttributesFile
ZwAllocateUuids
ZwTestAlert
NtSetSystemPowerState
NtLoadKey2
LdrGetProcedureAddress
RtlpNtQueryValueKey
RtlSecondsSince1980ToTime
KiUserExceptionDispatcher
_ltoa
_allshl
NtLockVirtualMemory
NtAccessCheckByTypeResultListAndAuditAlarm
NtWaitForSingleObject

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f0021d092c6122333a5553b5e1ba2b13

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

ntdll

Sections

.text Size: 48KB - Virtual size: 48KB

.data Size: 101KB - Virtual size: 106KB

.text
Size: 48KB - Virtual size: 48KB

.data
Size: 101KB - Virtual size: 106KB