1957c8e921c04054c9c85bab100c859d936ac58d1d460968f4a553521e53f819

Sharing

Copy URL Twitter E-mail

General

Target

1957c8e921c04054c9c85bab100c859d936ac58d1d460968f4a553521e53f819
Size

224KB
MD5

63dff9533df34ec8486331c1b7ec09a0
SHA1

ec69ef10010155b4871cbcabc086a2fadfe0bfe0
SHA256

1957c8e921c04054c9c85bab100c859d936ac58d1d460968f4a553521e53f819
SHA512

1e242f95921cf69d9d4648a2d299365621dca86ea83542befff16ab488553200064bf322fec5cb184f203d8e13fd34ea34b7a14882bf361198e4e45a8787a261
SSDEEP

6144:DJTYH6oWq0JbzcRoM2sO+pXlHjw3YPG1hs5:DJTJoWq0ncTDO+pXlHjwIu1hU

Score

N/A

Malware Config

Signatures

Files

1957c8e921c04054c9c85bab100c859d936ac58d1d460968f4a553521e53f819
.exe windows x86

5901df746cac12bd9732231843213ec2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CloseHandle
GetCurrentProcess
GetCurrentThread
LocalFree
OpenProcess
FreeLibrary
GetProcAddress
LoadLibraryW
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalAlloc
FormatMessageW
GetModuleHandleW
Sleep
RaiseException
LoadLibraryA
SetThreadUILanguage
GetConsoleOutputCP
WideCharToMultiByte
GetProcessHeap
HeapAlloc
GetStdHandle
WriteFile
HeapFree
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
OutputDebugStringA
InterlockedCompareExchange
InterlockedExchange

msvcrt

__setusermatherr
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_controlfp
free
mbtowc
__mb_cur_max
_amsg_exit
_snprintf
_itoa
wctomb
malloc
ferror
__badioinfo
__pioinfo
_fileno
_lseeki64
_write
_isatty
??3@YAXPAX@Z
isleadbyte
_wsetlocale
fwprintf
_vsnwprintf
??2@YAPAXI@Z
memset
exit
memcpy
strtol
fprintf
_iob
__CxxFrameHandler
_initterm
_XcptFilter
_exit
_cexit
__getmainargs
_errno

ntdll

RtlUnwind
NtOpenThreadToken
RtlAdjustPrivilege
RtlInitString
NtQueryInformationToken
NtDuplicateToken
NtSetInformationThread
NtClose

user32

LoadStringW

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.vmp0
Size: 192KB - Virtual size: 1.3MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5901df746cac12bd9732231843213ec2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ntdll

user32

Sections

.text Size: 26KB - Virtual size: 26KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.vmp0 Size: 192KB - Virtual size: 1.3MB

.text
Size: 26KB - Virtual size: 26KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

.vmp0
Size: 192KB - Virtual size: 1.3MB