519c0e1fa9f4878b47bfc0d09dc411b5290771e436faffdf505b6f2aca06d5f9

Sharing

Copy URL

Twitter E-mail

General

Target

519c0e1fa9f4878b47bfc0d09dc411b5290771e436faffdf505b6f2aca06d5f9
Size

275KB
MD5

130f347a31011e7ee1081682b7b01470
SHA1

ae77c361eeb14833d1ad7db1d8c82214e29fd16a
SHA256

519c0e1fa9f4878b47bfc0d09dc411b5290771e436faffdf505b6f2aca06d5f9
SHA512

d82eb6324bb678749697203be08fc3a57f6f1d0101f3b0a106b2200543504fece837cc265ff9a79c2a933138b0da05b9580b6a61273c6d98f8d8e4f0ae0a7752
SSDEEP

6144:TR2qUmlQsdtCuTsYkHgYfHE2F6+AIASu1AqFZ:NBlrCuo7gwHE2FEDbZ

Score

N/A

Malware Config

Signatures

Files

519c0e1fa9f4878b47bfc0d09dc411b5290771e436faffdf505b6f2aca06d5f9
.exe windows x64

c77ad2aec80508f315dc95c7406f019f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

LocalFree
OutputDebugStringA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
SetThreadpoolTimer
CreateThreadpoolTimer
CloseHandle
WaitForThreadpoolTimerCallbacks
GetLastError
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStartupInfoW
Sleep
HeapSetInformation
RtlCompareMemory
LocalAlloc
GetModuleHandleW
GetCurrentProcess
SetPriorityClass
CloseThreadpoolTimer
GetCommandLineW

msvcrt

??0exception@@QEAA@XZ
__CxxFrameHandler3
swscanf_s
memmove_s
??0exception@@QEAA@AEBQEBD@Z
memcpy_s
_vsnwprintf_s
_vsnwprintf
?terminate@@YAXXZ
??1type_info@@UEAA@XZ
_onexit
_lock
__dllonexit
_unlock
__set_app_type
_fmode
memcpy
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_cexit
_ismbblead
_exit
memset
__C_specific_handler
__getmainargs
_callnewh
malloc
_CxxThrowException
free
??0exception@@QEAA@AEBV0@@Z
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@AEBQEBDH@Z
_commode
_XcptFilter
wcscpy_s
_snwprintf_s

ntdll

NtWriteVirtualMemory
RtlNtStatusToDosError
NtReadVirtualMemory
NtOpenProcess
RtlVirtualUnwind
RtlCaptureContext
WinSqmEndSession
WinSqmStartSession
WinSqmSetDWORD
RtlLookupFunctionEntry

ole32

CoTaskMemFree

credui

CredUIPromptForWindowsCredentialsW

shell32

CommandLineToArgvW

netapi32

NetApiBufferFree
NetValidatePasswordPolicy

advapi32

TraceMessage

user32

LoadStringW

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 236KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c77ad2aec80508f315dc95c7406f019f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ntdll

ole32

credui

shell32

netapi32

advapi32

user32

Sections

.text Size: 33KB - Virtual size: 33KB

.data Size: 1024B - Virtual size: 2KB

.pdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 236KB - Virtual size: 460KB

.text
Size: 33KB - Virtual size: 33KB

.data
Size: 1024B - Virtual size: 2KB

.pdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 236KB - Virtual size: 460KB