fd7c6aa7eb235d7b89c06dce9c5ab4572d7ae5891d0c0a2ccbaa74033359913d

Sharing

Copy URL

Twitter E-mail

General

Target

fd7c6aa7eb235d7b89c06dce9c5ab4572d7ae5891d0c0a2ccbaa74033359913d
Size

525KB
MD5

12eed6dcc5d7754d9f16868e114b8290
SHA1

5fb0e39bbfa3a1ee8162435750afaa1455c3b53e
SHA256

fd7c6aa7eb235d7b89c06dce9c5ab4572d7ae5891d0c0a2ccbaa74033359913d
SHA512

29192af0196c016ece7fd6203845b5557e4521ca29719cbf588e719b00ec9b558202c0c5f28b184f09cdf6e5adc44ec3b8a916b5688df909b8ce180b69fe59e8
SSDEEP

12288:3MqbgTrV1IAQVebJm9TToB3vHEJul/s62tP3zBQGWbCjp4:3M2zAm9TsBVl/v25qLbB

Score

N/A

Malware Config

Signatures

Files

fd7c6aa7eb235d7b89c06dce9c5ab4572d7ae5891d0c0a2ccbaa74033359913d
.exe windows x64

87da782522dbc8dec0e4c896de38a539

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

DispatchMessageW
CharNextW
GetMessageW
DestroyWindow
PostThreadMessageW

msvcrt

_unlock
??1type_info@@UEAA@XZ
__set_app_type
_fmode
_commode
__setusermatherr
_amsg_exit
_initterm
_wcmdln
exit
_cexit
_exit
__dllonexit
__C_specific_handler
__wgetmainargs
_callnewh
malloc
_CxxThrowException
??0exception@@QEAA@AEBV0@@Z
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@AEBQEBDH@Z
_beginthreadex
free
_wcsicmp
_lock
_onexit
?terminate@@YAXXZ
_XcptFilter
memset

atl

ord21
ord20
ord18
ord57
ord16
ord23
ord17
ord32

ntdll

RtlCaptureContext
RtlVirtualUnwind
EtwTraceMessage
RtlLookupFunctionEntry

api-ms-win-core-localregistry-l1-1-0

RegEnumKeyExW
RegCreateKeyExW
RegCloseKey
RegSetValueExW
RegOpenKeyExW

kernel32

FreeLibrary
CloseHandle
GetCurrentThreadId
DeleteCriticalSection
HeapSetInformation
CreateEventW
EnterCriticalSection
GetProcAddress
GetLastError
LoadLibraryExA
TerminateProcess
LeaveCriticalSection
LoadLibraryW
InitializeCriticalSection
GetModuleHandleW
SetEvent
WaitForSingleObject
GetCommandLineW
GetFullPathNameW
GetCurrentProcess
UnhandledExceptionFilter
DelayLoadFailureHook
Sleep
GetStartupInfoW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
lstrlenW
GetSystemTimeAsFileTime
OpenProcess
ExitProcess
CreateThread
RegisterWaitForSingleObject
UnregisterWait
GetModuleFileNameW

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 564B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.vmp0
Size: 500KB - Virtual size: 1.8MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

87da782522dbc8dec0e4c896de38a539

Headers

DLL Characteristics

File Characteristics

Imports

user32

msvcrt

atl

ntdll

api-ms-win-core-localregistry-l1-1-0

kernel32

Sections

.text Size: 13KB - Virtual size: 12KB

.data Size: 1024B - Virtual size: 2KB

.pdata Size: 1024B - Virtual size: 564B

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 512B - Virtual size: 202B

.vmp0 Size: 500KB - Virtual size: 1.8MB

.text
Size: 13KB - Virtual size: 12KB

.data
Size: 1024B - Virtual size: 2KB

.pdata
Size: 1024B - Virtual size: 564B

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 512B - Virtual size: 202B

.vmp0
Size: 500KB - Virtual size: 1.8MB