c114b73da17eb5c8aff5a7b5509ffe26b9770e28c7123f038e98d42f8a065632

Sharing

Copy URL Twitter E-mail

General

Target

c114b73da17eb5c8aff5a7b5509ffe26b9770e28c7123f038e98d42f8a065632
Size

2.7MB
MD5

8b1ac17884ad022db544732af21e11f9
SHA1

8fbe210535f4686c0f795476dc41f8bced0a759e
SHA256

c114b73da17eb5c8aff5a7b5509ffe26b9770e28c7123f038e98d42f8a065632
SHA512

5f74351343d94e535ee21fcef8ffecd96f1615e6437bf453b6c0bf1567fe517a4beb01e22f6bdccdc32d24e4c6d5d15403057f7086d3a264f4c44cd8b2dd96bf
SSDEEP

49152:OzFh0aytCzn+m/+m89CZMpoGtlq9+03UwNCqUCHc2bEuFQtAcWBNnFdp1BsPIU6j:PayUbqpnSH9kuuAdpL+K

Score

N/A

Malware Config

Signatures

Files

c114b73da17eb5c8aff5a7b5509ffe26b9770e28c7123f038e98d42f8a065632
.dll windows x64

6a0eb63b4a95076f9dce7fd2a93cde92

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

RaiseException
DeleteCriticalSection
DecodePointer
GlobalReAlloc
ProcessIdToSessionId
GetCurrentProcess
FindClose
CloseHandle
GetLastError
GetNativeSystemInfo
GetComputerNameA
GlobalFree
GlobalAlloc
InitializeCriticalSectionAndSpinCount
SetEndOfFile
WriteConsoleW
HeapSize
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
SetLastError
GetSystemTime
SystemTimeToFileTime
GetStdHandle
GetFileType
WriteFile
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetTickCount
FreeLibrary
LoadLibraryW
GlobalMemoryStatus
LoadLibraryA
FlushConsoleInputBuffer
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
RtlUnwindEx
RtlPcToFileHeader
EncodePointer
InterlockedFlushSList
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
SetConsoleCtrlHandler
ReadFile
CreateFileW
GetDriveTypeW
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetConsoleMode
ReadConsoleInputA
SetConsoleMode
HeapFree
HeapAlloc
GetStringTypeW
GetACP
HeapReAlloc
CompareStringW
LCMapStringW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetProcessHeap
FlushFileBuffers
GetConsoleCP
ReadConsoleW
SetFilePointerEx
SetStdHandle
GetTimeZoneInformation
GetCurrentDirectoryW
GetFullPathNameW

user32

MessageBoxW
GetProcessWindowStation
GetUserObjectInformationW
UnregisterClassW

advapi32

ReportEventW
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptDeriveKey
CryptDestroyHash
DeregisterEventSource
CryptEncrypt
CryptReleaseContext
CryptDestroyKey
RegisterEventSourceW

ws2_32

send
closesocket
htons
socket
gethostbyname
WSAStartup
recv
WSASetLastError
shutdown
connect
WSAGetLastError

shlwapi

StrStrIW
StrCmpIW

Exports

Exports

snagit

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 400KB - Virtual size: 399KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 184KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a0eb63b4a95076f9dce7fd2a93cde92

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

shlwapi

Exports

Exports

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 400KB - Virtual size: 399KB

.data Size: 184KB - Virtual size: 206KB

.pdata Size: 54KB - Virtual size: 53KB

.gfids Size: 512B - Virtual size: 228B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 15KB - Virtual size: 15KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 400KB - Virtual size: 399KB

.data
Size: 184KB - Virtual size: 206KB

.pdata
Size: 54KB - Virtual size: 53KB

.gfids
Size: 512B - Virtual size: 228B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 15KB - Virtual size: 15KB