5017414d1f331a368c3066cf02980d0f3012623dbe5468414b319f8c1d1b9131

Sharing

Copy URL Twitter E-mail

General

Target

5017414d1f331a368c3066cf02980d0f3012623dbe5468414b319f8c1d1b9131
Size

42KB
MD5

40bdc4533d6a42b533479a0225a47c43
SHA1

402999b343dc3cff1281153d3c165ed4afaca710
SHA256

5017414d1f331a368c3066cf02980d0f3012623dbe5468414b319f8c1d1b9131
SHA512

a21f7096b7bc6a83db235efcd1a6c7461fb2649c92307cdbcee7e1537824cfe2753c1778b995587ab621a4777b0d89113d0a76e84cb0351c7440cf7a71ce13e4
SSDEEP

768:HaBX2vSsC7pJQtYdg/bs8A4CeoPuHdRlLPskvs0NCzW0PtwrRwuXQGQy7n9HEd5N:HaAsotZpboPuHLl73VoW4GmuXQGQyD9S

Score

N/A

Malware Config

Signatures

Files

5017414d1f331a368c3066cf02980d0f3012623dbe5468414b319f8c1d1b9131
.exe windows x86

8f8f53c0cd08cffac18c613ae6d15d56

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ulib

?Set@STREAM_MESSAGE@@UAEEKW4MESSAGE_TYPE@@K@Z
?QueryInvalidArgument@ARGUMENT_LEXEMIZER@@QAEPAVWSTRING@@XZ
??1PATH_ARGUMENT@@UAE@XZ
??1STRING_ARGUMENT@@UAE@XZ
??1ARRAY@@UAE@XZ
?DoParsing@ARGUMENT_LEXEMIZER@@QAEEPAVARRAY@@@Z
??1STREAM_MESSAGE@@UAE@XZ
?IsValueSet@ARGUMENT@@QAEEXZ
??1OBJECT@@UAE@XZ
?QueryFile@SYSTEM@@SGPAVFSN_FILE@@PBVPATH@@EPAE@Z
?Put@ARRAY@@UAEEPAVOBJECT@@@Z
?Initialize@LONG_ARGUMENT@@QAEEPAD@Z
?Initialize@REST_OF_LINE_ARGUMENT@@QAEEXZ
?Initialize@PATH_ARGUMENT@@QAEEPADE@Z
??0STREAM_MESSAGE@@QAE@XZ
??0ARGUMENT_LEXEMIZER@@QAE@XZ
??0ARRAY@@QAE@XZ
??0STRING_ARGUMENT@@QAE@XZ
??0FLAG_ARGUMENT@@QAE@XZ
??0LONG_ARGUMENT@@QAE@XZ
??0PATH_ARGUMENT@@QAE@XZ
??0REST_OF_LINE_ARGUMENT@@QAE@XZ
?Get_Standard_Input_Stream@@YGPAVSTREAM@@XZ
?Get_Standard_Output_Stream@@YGPAVSTREAM@@XZ
?Initialize@STREAM_MESSAGE@@QAEEPAVSTREAM@@00@Z
?Initialize@ARRAY@@QAEEKK@Z
?Initialize@ARGUMENT_LEXEMIZER@@QAEEPAVARRAY@@@Z
?SetCaseSensitive@ARGUMENT_LEXEMIZER@@QAEXE@Z
?PutSeparators@ARGUMENT_LEXEMIZER@@QAEXPBD@Z
?PrepareToParse@ARGUMENT_LEXEMIZER@@QAEEPAVWSTRING@@@Z
?Initialize@STRING_ARGUMENT@@QAEEPAD@Z
?Initialize@FLAG_ARGUMENT@@QAEEPAD@Z
??1ARGUMENT_LEXEMIZER@@UAE@XZ
?QueryStream@FSN_FILE@@QAEPAVFILE_STREAM@@W4STREAMACCESS@@K@Z
?ReadLine@STREAM@@QAEEPAVWSTRING@@E@Z
?Initialize@WSTRING@@QAEEPBV1@KK@Z
?MakeFileToken@MESSAGE@@SG_KPBD@Z
?DisplayMsg@MESSAGE@@QAAEKW4MESSAGE_TYPE@@KPBDZZ
?QueryWSTR@WSTRING@@QBEPAGKKPAGKE@Z
??0DSTRING@@QAE@XZ
?Initialize@WSTRING@@QAEEPBGK@Z
?Strcat@WSTRING@@QAEEPBV1@@Z
??1DSTRING@@UAE@XZ
?DeleteChAt@WSTRING@@QAEXKK@Z
?Display@MESSAGE@@QAAEPBDZZ
?Initialize@WSTRING@@QAEEPBDK@Z

kernel32

GetConsoleAliasExesW
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
HeapSetInformation
ExpungeConsoleCommandHistoryW
SetConsoleNumberOfCommandsW
GetStdHandle
GetConsoleMode
SetConsoleMode
GetConsoleCommandHistoryLengthW
GetConsoleCommandHistoryW
AddConsoleAliasW
GetConsoleAliasExesLengthW
UnhandledExceptionFilter
GetConsoleAliasesLengthW
GetConsoleAliasesW

ntdll

RtlAllocateHeap
RtlFreeHeap

msvcrt

_controlfp
_except_handler4_common
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
exit
_XcptFilter
_exit
_cexit
__getmainargs
_wcsicmp
wcschr

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ebmugqs
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8f8f53c0cd08cffac18c613ae6d15d56

Headers

DLL Characteristics

File Characteristics

Imports

ulib

kernel32

ntdll

msvcrt

Sections

.text Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 888B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 28KB - Virtual size: 29KB

ebmugqs Size: - Virtual size: 4KB

.text
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 888B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 28KB - Virtual size: 29KB

ebmugqs
Size: - Virtual size: 4KB