e11eedf17aa886b4ae0443366f6a68119380081ebd2ab3a683c1038d47393208

General

Target

e11eedf17aa886b4ae0443366f6a68119380081ebd2ab3a683c1038d47393208
Size

43KB
MD5

61ab81c78b5a3b4f46434f9a27188204
SHA1

2a006d9c0d7a35660d0a919ed1a9cfff098954cc
SHA256

e11eedf17aa886b4ae0443366f6a68119380081ebd2ab3a683c1038d47393208
SHA512

b6d3149ef3e365351575b61e13cb215aac8e09fda352bc70c22b7233f10dd5af37478ec739cf4951883ca9ff6b2036b15b85aa99ad2c66e01fe344eb3134ff11
SSDEEP

768:IVq9N8hfYrn6jLkXG9YG4ZYszFx9Rd3ZqoldX8iy:IVwGQufks54ZYszFtd3QOX8

Score

N/A

Malware Config

Signatures

Files

e11eedf17aa886b4ae0443366f6a68119380081ebd2ab3a683c1038d47393208
.exe windows x86

913162b7134c9880f8d101a03172dff6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winsta

WinStationOpenServerW
WinStationNameFromLogonIdW
LogonIdFromWinStationNameW
WinStationConnectW

user32

LoadStringW

kernel32

TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
ReadConsoleW
SetConsoleMode
GetConsoleMode
GetStdHandle
GetLastError
SetThreadUILanguage
GetConsoleOutputCP
FreeLibrary
LoadLibraryW
SetLastError
WriteConsoleW
GetFileType
MultiByteToWideChar
GetModuleHandleW
FormatMessageW
GetProcAddress
VerifyVersionInfoW
VerSetConditionMask
LocalFree
LocalAlloc
GetCommandLineW
GetFileAttributesW
lstrcpynW
FindNextFileW
FindFirstFileW
GetSystemTimeAsFileTime

ntdll

_wcslwr
memmove
_wcsnicmp
wcstol
wcsncpy
wcscat
_ultoa
wcschr
wcscpy
wcslen
_snwprintf
iswctype
wcstoul
wcscmp

msvcrt

_cexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
putchar
_wsetlocale
setlocale
fprintf
_iob
malloc
free
vfwprintf
vswprintf
fwprintf
_wcsdup
_c_exit
_exit
_XcptFilter
_initterm
exit
__initenv
__getmainargs

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

913162b7134c9880f8d101a03172dff6

Headers

DLL Characteristics

File Characteristics

Imports

winsta

user32

kernel32

ntdll

msvcrt

Sections

.text Size: 11KB - Virtual size: 11KB

.data Size: 1024B - Virtual size: 5KB

.rsrc Size: 30KB - Virtual size: 31KB

.text
Size: 11KB - Virtual size: 11KB

.data
Size: 1024B - Virtual size: 5KB

.rsrc
Size: 30KB - Virtual size: 31KB