ef5a33623202ac93965ab5a9c8c58d4bede7a897f03317458259dfdfa8d7ad9c

Sharing

Copy URL Twitter E-mail

General

Target

ef5a33623202ac93965ab5a9c8c58d4bede7a897f03317458259dfdfa8d7ad9c
Size

687KB
MD5

7a794c4412fa86951fa5c47fb1f8a9f0
SHA1

5e6c2f44a018f753e24bc6b46404faa053159ec0
SHA256

ef5a33623202ac93965ab5a9c8c58d4bede7a897f03317458259dfdfa8d7ad9c
SHA512

06061778af0255a188e18400a6b904b2578d1dbecb26adcdb34532ab12b13339fe8f595f3055cc03a3d3d4740de53dedc1d43501bdb0cc84ee2cc4f1d6ff0a12
SSDEEP

12288:YTwVnu/o9dOTEq4QwxqHXPAggfRW1rq470spQsFpc6FMP35S87ABZAQGel9iqYJw:juVTuq3PAgK8rb70spQsU6FMPJS82AQx

Score

N/A

Malware Config

Signatures

Files

ef5a33623202ac93965ab5a9c8c58d4bede7a897f03317458259dfdfa8d7ad9c
.exe windows x64

26836cd06eb32e4da9de1ce8d9db287c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegConnectRegistryW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW

kernel32

SetLastError
GetTimeFormatW
SetConsoleCursorPosition
WriteConsoleW
GetNumberFormatW
GetLocaleInfoW
GetStdHandle
LocalAlloc
lstrlenW
FormatMessageW
GetModuleFileNameW
GetComputerNameExW
FileTimeToSystemTime
CompareStringA
GetFileType
HeapSize
GetThreadLocale
VerifyVersionInfoW
GetConsoleOutputCP
MultiByteToWideChar
CompareStringW
GetDateFormatW
HeapValidate
SetConsoleMode
GetConsoleMode
WideCharToMultiByte
ReadConsoleW
SetThreadUILanguage
GetProcessHeap
GetUserDefaultLCID
HeapFree
VerSetConditionMask
HeapAlloc
lstrlenA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleW
SetUnhandledExceptionFilter
Sleep
HeapReAlloc
ExitProcess
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
GetCurrentProcess
LocalFree
GetConsoleScreenBufferInfo
GetLastError
ReadFile
TerminateProcess

msvcrt

__C_specific_handler
_CxxThrowException
__CxxFrameHandler3
memset
wcstok
_get_osfhandle
_memicmp
?terminate@@YAXXZ
??1type_info@@UEAA@XZ
__set_app_type
_fmode
_commode
__setusermatherr
_amsg_exit
_initterm
exit
_cexit
_exit
_XcptFilter
memcpy
__wgetmainargs
_wcsicmp
_ui64tow
_wtoi64
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
__iob_func
wcstoul
fflush
_errno
wcstol
fprintf
_vsnwprintf
_fileno
wcstod

user32

wsprintfW
CharUpperW
LoadStringW

mpr

WNetCancelConnection2W
WNetGetLastErrorW

ole32

CoInitializeEx
CoInitializeSecurity
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize

oleaut32

VariantChangeType
SafeArrayGetElement
SafeArrayGetUBound
SysAllocString
SysFreeString
SysAllocStringByteLen
SysStringLen
SafeArrayGetLBound
VariantInit
VariantClear
VariantCopy

framedynos

?Compare@CHString@@QEBAHPEBG@Z
?Mid@CHString@@QEBA?AV1@H@Z
?ReleaseBuffer@CHString@@QEAAXH@Z
?FindOneOf@CHString@@QEBAHPEBG@Z
?GetBuffer@CHString@@QEAAPEAGH@Z
??H@YA?AVCHString@@PEBGAEBV0@@Z
??0CHString@@QEAA@PEBG@Z
?Right@CHString@@QEBA?AV1@H@Z
?Left@CHString@@QEBA?AV1@H@Z
??YCHString@@QEAAAEBV0@AEBV0@@Z
??4CHString@@QEAAAEBV0@PEBG@Z
?Format@CHString@@QEAAXPEBGZZ
?GetData@CHString@@IEBAPEAUCHStringData@@XZ
??4CHString@@QEAAAEBV0@AEBV0@@Z
??1CHString@@QEAA@XZ
??0CHString@@QEAA@XZ
?GetBufferSetLength@CHString@@QEAAPEAGH@Z
?Empty@CHString@@QEAAXXZ
?Find@CHString@@QEBAHG@Z
?Mid@CHString@@QEBA?AV1@HH@Z

secur32

GetUserNameExW

ws2_32

WSAGetLastError
GetAddrInfoW
GetNameInfoW
FreeAddrInfoW
WSAStartup
WSACleanup

shlwapi

StrChrIW
StrChrW
StrStrIW
StrStrW
ord487

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 580KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

26836cd06eb32e4da9de1ce8d9db287c

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

msvcrt

user32

mpr

ole32

oleaut32

framedynos

secur32

ws2_32

shlwapi

version

Sections

.text Size: 99KB - Virtual size: 98KB

.data Size: 512B - Virtual size: 2KB

.pdata Size: 4KB - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 580KB - Virtual size: 2.5MB

.text
Size: 99KB - Virtual size: 98KB

.data
Size: 512B - Virtual size: 2KB

.pdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 580KB - Virtual size: 2.5MB