3f920e4af5429593cfd56e9324331317f4d87ea0ca8adf5b49b35a48d44ac9e6

General

Target

3f920e4af5429593cfd56e9324331317f4d87ea0ca8adf5b49b35a48d44ac9e6
Size

385KB
MD5

6108de61cc2c861c7dab5efa4419f770
SHA1

dde2e1f2c0f037fee81c17f81caed675ffe3898c
SHA256

3f920e4af5429593cfd56e9324331317f4d87ea0ca8adf5b49b35a48d44ac9e6
SHA512

a14a72347dba7cfbd6e6683be2442f15ed596556525920365813e5521858d3b6fa426af0ae765925be1bd18f84bb965ba8af9aeef25e0743861be02802996ce5
SSDEEP

6144:VJo2yzmNoHsEKjBoQ2UW3chh991xBr1W/hw5LWMDij8agfDrL6hQlSNQrRhZWb8h:VWqNoHsYQHWUrbnJahCLN7/e2k2OvBh

Score

N/A

Malware Config

Signatures

Files

3f920e4af5429593cfd56e9324331317f4d87ea0ca8adf5b49b35a48d44ac9e6
.exe windows x86

ebbefeeeb69324ddf516a067c9912143

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSCloseServer
WTSDisconnectSession
WTSEnumerateProcessesA
WTSEnumerateProcessesW
WTSEnumerateServersA
WTSCloseServer
WTSDisconnectSession
WTSEnumerateProcessesA
WTSEnumerateProcessesW
WTSEnumerateServersA
WTSCloseServer
WTSDisconnectSession
WTSEnumerateProcessesA
WTSEnumerateProcessesW
WTSEnumerateServersA
WTSCloseServer
WTSDisconnectSession
WTSEnumerateProcessesA
WTSEnumerateProcessesW
WTSEnumerateServersA
WTSCloseServer

kernel32

HeapCreate
GetWindowsDirectoryA
TlsFree
SizeofResource
_lopen
FindClose
GetACP
_lread
TlsFree
TlsFree
EnumSystemGeoID
GetConsoleTitleA
GlobalFree
DeleteAtom
DuplicateConsoleHandle
DuplicateHandle
EncodePointer
GlobalFree
CreateSocketHandle
EnterCriticalSection
RtlUnwind
IsBadReadPtr
SetStdHandle
GlobalFix
GetFileTime
FreeEnvironmentStringsA
UnhandledExceptionFilter
ExitProcess
Beep
GetWriteWatch
EncodePointer
HeapWalk
LCMapStringW
LCMapStringA

Sections

.text
Size: 512B - Virtual size: 463B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 502KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 378KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ebbefeeeb69324ddf516a067c9912143

Headers

File Characteristics

Imports

wtsapi32

kernel32

Sections

.text Size: 512B - Virtual size: 463B

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 502KB

.rsrc Size: 378KB - Virtual size: 380KB

.DATA Size: 512B - Virtual size: 4KB

.text
Size: 512B - Virtual size: 463B

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 502KB

.rsrc
Size: 378KB - Virtual size: 380KB

.DATA
Size: 512B - Virtual size: 4KB