a4f249d55b6c576ba495d37f00aafe958cd640b43840341cc42923e360dd9a7e

Sharing

Copy URL

Twitter E-mail

General

Target

a4f249d55b6c576ba495d37f00aafe958cd640b43840341cc42923e360dd9a7e
Size

421KB
MD5

eadc6578e593f4aad9c28d92145c31da
SHA1

cdd3be37e9ebbb822160c9876b58227a8a4368f2
SHA256

a4f249d55b6c576ba495d37f00aafe958cd640b43840341cc42923e360dd9a7e
SHA512

8ab68d1e4445ca8488bd2fef94d474ba370dca0697d209dd1150f0b4c4157fc9776616b640b0ef25e38ba10b4403fb54cbe2f933a745c31020442f2f3cd6bcbb
SSDEEP

6144:C0kjyIWuw1qOVn+qM6BoTOaquEb2mS+qv6iQEOrm:lkjyIWuw1qOVn7BoTO4v8r

Score

N/A

Malware Config

Signatures

Files

a4f249d55b6c576ba495d37f00aafe958cd640b43840341cc42923e360dd9a7e
.exe windows x64

396eb4bbadce9d9a75f1687ab09d25d2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetStdHandle
SetHandleInformation
WriteFile
GetLastError
GetProcessHeap
HeapAlloc
HeapReAlloc
HeapFree
RaiseException
GetEnvironmentVariableW
CreateFileW
CloseHandle
ReadConsoleW
GetConsoleMode
ReadFile
GetFileSizeEx
DeleteFileW
RemoveDirectoryW
GetFileAttributesW
SetFileAttributesW
MultiByteToWideChar
WideCharToMultiByte
FindNextFileW
FindFirstFileExW
FindClose
GetCommandLineW
GetCommandLineA
RtlUnwindEx
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
WaitForSingleObject
GetExitCodeProcess
CreateProcessW
GetFileAttributesExW
SetLastError
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ExitProcess
FreeLibrary
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
GetFileType
GetStartupInfoW
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
LoadLibraryExW
CompareStringW
LCMapStringW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetStringTypeW
HeapSize
GetModuleFileNameW
FlushFileBuffers
GetConsoleOutputCP
SetFilePointerEx
WriteConsoleW
QueryPerformanceCounter
GetCurrentProcessId

ws2_32

connect
inet_addr
htons
WSAStartup
closesocket
recv
send
getaddrinfo
socket

Sections

.text
Size: 355KB - Virtual size: 355KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

396eb4bbadce9d9a75f1687ab09d25d2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ws2_32

Sections

.text Size: 355KB - Virtual size: 355KB

.rdata Size: 51KB - Virtual size: 50KB

.data Size: 4KB - Virtual size: 36KB

.pdata Size: 6KB - Virtual size: 6KB

_RDATA Size: 512B - Virtual size: 348B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 355KB - Virtual size: 355KB

.rdata
Size: 51KB - Virtual size: 50KB

.data
Size: 4KB - Virtual size: 36KB

.pdata
Size: 6KB - Virtual size: 6KB

_RDATA
Size: 512B - Virtual size: 348B

.reloc
Size: 2KB - Virtual size: 2KB