vs[.]exe | Triage

General

Target

vs.exe
Size

13KB
MD5

6ff1ce294058e1a3bc24058d5ff7dee2
SHA1

a7741588cb9deb728c292514e76e3962f30a954e
SHA256

cff04aa0a317d6b7c498faccdfbe7353b2676ea97acb1bee1bda650f29a8e423
SHA512

587f03c7d64aaae746efb19205df3046c7bae4df02e95d678b2f689d88bbafbab26e78a9ca042322b3329b1c11218d135267ea3993ff2d476fced7fefcedf039
SSDEEP

192:BlmOSqTC69z5TIgtNWo2KMrogcop9mxzLor6nBFVk2s:Blm3QCiz5TIxTrogrpUdoraBFV7s

Score

N/A

Malware Config

Signatures

Files

vs.exe
.exe windows x64

a9d7ed6e89e17b7ba252409a3e9b7718

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ole32

CoCreateInstance
CoInitializeEx
CoInitializeSecurity
CoUninitialize
StringFromGUID2

msvcrt

__C_specific_handler
__iob_func
__set_app_type
__setusermatherr
__wgetmainargs
__winitenv
_amsg_exit
_cexit
_commode
_fmode
_initterm
_onexit
_wcmdln
abort
calloc
exit
fprintf
free
fwrite
malloc
memcpy
signal
strlen
strncmp
vfprintf

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken

kernel32

CloseHandle
DeleteCriticalSection
EnterCriticalSection
GetLastError
GetProcessHeap
GetStartupInfoW
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9d7ed6e89e17b7ba252409a3e9b7718

Headers

DLL Characteristics

File Characteristics

Imports

ole32

msvcrt

advapi32

kernel32

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 324B

.pdata Size: 512B - Virtual size: 336B

.tls Size: 512B - Virtual size: 16B

.reloc Size: 512B - Virtual size: 108B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 324B

.pdata
Size: 512B - Virtual size: 336B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 108B