64092f524ed1ad8cb609b7276c2f8b9332b2a4ea34798b0e56a939315032a631

Sharing

Copy URL Twitter E-mail

General

Target

64092f524ed1ad8cb609b7276c2f8b9332b2a4ea34798b0e56a939315032a631
Size

559KB
MD5

9145abd3bd9026b046630be2faed5b30
SHA1

8c8cf2c93d63d035e81bdd5f2e044aa3d2a9346c
SHA256

64092f524ed1ad8cb609b7276c2f8b9332b2a4ea34798b0e56a939315032a631
SHA512

72cc75c8d3b5f84915de44e96852e5eda26eb0d364f94c3a2f3b68c6ba987f6f6b740121d8a913af87ede43e99e998faf35c07b0c3d33a5bd68224e50f2a873a
SSDEEP

12288:aR5D/3//jPX0BGsLFS7d1SStHGkc980p82ehSL4dW:WzHjSxCd1SStHA86ehSL4d

Score

N/A

Malware Config

Signatures

Files

64092f524ed1ad8cb609b7276c2f8b9332b2a4ea34798b0e56a939315032a631
.exe windows x86

43aa1d44257981efe69d8ac377559d4f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualAlloc
SetStdHandle
GetVolumeNameForVolumeMountPointW
LocalSize
PostQueuedCompletionStatus
GetTickCount
SetMailslotInfo
SetFilePointer
EnumLanguageGroupLocalesW
HeapCreate
ReleaseMutex
EnumResourceNamesW
ReadConsoleInputExW

tapi32

lineMakeCall
lineTranslateDialogW
lineBlindTransferA
lineSetDevConfigA

mscms

UninstallColorProfileW
InternalGetPS2ColorSpaceArray
CreateColorTransformA
EnumColorProfilesA
GetColorProfileHeader
OpenColorProfileW
InternalGetPS2CSAFromLCS

advapi32

GetSidIdentifierAuthority
MakeAbsoluteSD
LogonUserA
LsaQueryInformationPolicy
RegOpenCurrentUser
SetSecurityDescriptorOwner
GetSidLengthRequired
RegSetKeySecurity
ReportEventA
GetSidSubAuthorityCount

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 150KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 54KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 103KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 92KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 82KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 218B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43aa1d44257981efe69d8ac377559d4f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

tapi32

mscms

advapi32

Sections

.text Size: 16KB - Virtual size: 15KB

.bss Size: 150KB - Virtual size: 160KB

.edata Size: 54KB - Virtual size: 118KB

.bss Size: 103KB - Virtual size: 137KB

DATA Size: 92KB - Virtual size: 187KB

DATA Size: 82KB - Virtual size: 138KB

.rsrc Size: 59KB - Virtual size: 59KB

.reloc Size: 512B - Virtual size: 218B

.text
Size: 16KB - Virtual size: 15KB

.bss
Size: 150KB - Virtual size: 160KB

.edata
Size: 54KB - Virtual size: 118KB

.bss
Size: 103KB - Virtual size: 137KB

DATA
Size: 92KB - Virtual size: 187KB

DATA
Size: 82KB - Virtual size: 138KB

.rsrc
Size: 59KB - Virtual size: 59KB

.reloc
Size: 512B - Virtual size: 218B