85cac1422c7c585a3265ea84bf19e7962e9b1fafbd1006bb63dfde6a544e2df7

Sharing

Copy URL Twitter E-mail

General

Target

85cac1422c7c585a3265ea84bf19e7962e9b1fafbd1006bb63dfde6a544e2df7
Size

486KB
MD5

6906c2dcf9b46ae95ffc38b9e6f94190
SHA1

7ebdf64b485159d377fd1676aca2c87d28dbbea4
SHA256

85cac1422c7c585a3265ea84bf19e7962e9b1fafbd1006bb63dfde6a544e2df7
SHA512

5b95e567d43657e1033e3f234de638749cdef7340a7e857419a83933478b9d4ead0e1f9c9fbde0d30708d016672699c1666059b99c082f04f72f87d1f5e99743
SSDEEP

6144:HctYQqLwhHrWsOP+5VTZu+GUusbtD72i6LZ2X7CKroDUnwsbVgHb7UFkFgNWJF:UYQqLWbVTZgUunHZmoDOw77QFkAW

Score

N/A

Malware Config

Signatures

Files

85cac1422c7c585a3265ea84bf19e7962e9b1fafbd1006bb63dfde6a544e2df7
.exe windows x64

2e2c5e54757e680ba0b441bc31313ccc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegQueryValueExW
EventUnregister
RegOpenKeyExW
EventRegister
RegCloseKey
EventWrite

kernel32

ExitProcess
GetCommandLineW
CreateMutexW
SetErrorMode
FreeLibrary
HeapAlloc
HeapFree
SetProcessDEPPolicy
SetEvent
GetModuleHandleW
GetCurrentThread
GetProcessHeap
LoadLibraryW
CompareStringOrdinal
FormatMessageW
lstrlenW
SetThreadPriority
GetStartupInfoW
GetLastError
GetProcAddress
SetCurrentDirectoryW
OpenEventW
CloseHandle
LocalFree
ExpandEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RaiseException
LoadLibraryA
LocalAlloc

user32

GetSystemMetrics
MessageBoxW
SendMessageTimeoutW
ShowWindow
GetDesktopWindow
GetClassNameW
FindWindowW
GetParent
SetForegroundWindow
IsIconic
GetWindow
GetWindowThreadProcessId
IsWindowVisible

ws2_32

WSAStartup
WSACleanup

ntdll

memset

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pzbxyeu
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

oejauud
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

usgdfuw
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fuofgye
Size: 107KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2e2c5e54757e680ba0b441bc31313ccc

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

ws2_32

ntdll

Sections

.text Size: 10KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 512B - Virtual size: 168B

.rsrc Size: 150KB - Virtual size: 150KB

.reloc Size: 51KB - Virtual size: 52KB

pzbxyeu Size: 55KB - Virtual size: 56KB

oejauud Size: 55KB - Virtual size: 56KB

usgdfuw Size: 55KB - Virtual size: 56KB

fuofgye Size: 107KB - Virtual size: 108KB

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 168B

.rsrc
Size: 150KB - Virtual size: 150KB

.reloc
Size: 51KB - Virtual size: 52KB

pzbxyeu
Size: 55KB - Virtual size: 56KB

oejauud
Size: 55KB - Virtual size: 56KB

usgdfuw
Size: 55KB - Virtual size: 56KB

fuofgye
Size: 107KB - Virtual size: 108KB