2324488ec4f95f18f03b4a38a63ac846b04591f5da256d3ada9aab0f02ba651f

Sharing

Copy URL Twitter E-mail

General

Target

2324488ec4f95f18f03b4a38a63ac846b04591f5da256d3ada9aab0f02ba651f
Size

161KB
MD5

4f81b71de5074329d0a663e17ab638e0
SHA1

84552dea003a974bf9621d940e36980da504c3ea
SHA256

2324488ec4f95f18f03b4a38a63ac846b04591f5da256d3ada9aab0f02ba651f
SHA512

4c6898cf1839647848ceb4aa760cfc9abec9ca73473492ec12f6ee17c25587235c1fb52a24ad0b6b6eb7f249c27a92bf5143d3d32d97aa0730e35a13b4b40525
SSDEEP

3072:uKjgZkzsxPL2kNiUnSHNOSK6VffdInm3oW657tLvDMfSKmrM/sKfMch6tDaDQD9L:AZkQxPL95GNOSKCfF657tpKR/1Mch6tH

Score

N/A

Malware Config

Signatures

Files

2324488ec4f95f18f03b4a38a63ac846b04591f5da256d3ada9aab0f02ba651f
.exe windows x86

a6d1280b9046fd0e99f5fe1c26257c54

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

StrongNameSignatureGenerationEx
StrongNameFreeBuffer
StrongNameTokenFromPublicKey
StrongNameSignatureVerificationEx
StrongNameKeyGen
StrongNameKeyGenEx
StrongNameGetPublicKey
StrongNameTokenFromAssemblyEx
StrongNameCompareAssemblies
StrongNameKeyInstall
GetRequestedRuntimeInfo
StrongNameKeyDelete
StrongNameErrorInfo

msvcr90

?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_controlfp_s
_invoke_watson
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
_except_handler4_common
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__winitenv
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
_errno
free
malloc
_purecall
_CxxThrowException
strcpy_s
memmove
wcstoul
towupper
strchr
_wtoi
memcpy
sprintf_s
__CxxFrameHandler3
memset
_snwprintf_s
wcsncpy_s
_snprintf_s
wcscat_s
_vsnwprintf_s
wcscpy_s
_vsnprintf_s
wcschr

advapi32

CryptAcquireContextW
CryptAcquireContextA
RegQueryValueExW
RegDeleteValueW
RegDeleteValueA
RegCreateKeyExW
RegCreateKeyExA
RegSetValueExW
RegSetValueExA
RegDeleteKeyW
RegDeleteKeyA
RegQueryValueExA
RegEnumKeyExW
RegEnumKeyExA
RegOpenKeyExW
RegOpenKeyExA
CryptGetUserKey
CryptExportKey
RegCloseKey

kernel32

LocalFree
GetModuleFileNameW
GetModuleFileNameA
GetCurrentProcessId
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
LocalAlloc
TlsAlloc
TlsFree
HeapAlloc
GetProcessHeap
HeapFree
WaitForSingleObjectEx
ReleaseMutex
SleepEx
VirtualAlloc
VirtualFree
VirtualQuery
VirtualProtect
HeapCreate
HeapDestroy
HeapValidate
GetCurrentThreadId
QueryPerformanceCounter
GetSystemTimeAsFileTime
InterlockedExchange
Sleep
UnhandledExceptionFilter
IsDebuggerPresent
FormatMessageA
FormatMessageW
TlsGetValue
InterlockedCompareExchange
InterlockedIncrement
TlsSetValue
InterlockedDecrement
SetUnhandledExceptionFilter
CreateSemaphoreW
CloseHandle
SetLastError
GetLastError
GetFileSize
FreeLibrary
GetProcAddress
WriteFile
GetStdHandle
GetConsoleOutputCP
ReadFile
SetConsoleMode
GetConsoleMode
UnmapViewOfFile
MapViewOfFile
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetVersionExA
MultiByteToWideChar
GetCPInfo
WideCharToMultiByte
lstrlenW
TerminateProcess
GetCurrentProcess
LoadLibraryExA
LoadLibraryExW
RaiseException
CreateFileA
CreateFileW
CreateSemaphoreA
CreateMutexA
CreateMutexW
CreateEventA
CreateEventW
GetEnvironmentVariableA
GetEnvironmentVariableW
CreateFileMappingA
CreateFileMappingW
GetTickCount

crypt32

CertSetCertificateContextProperty
PFXImportCertStore
CertEnumCertificatesInStore
CertGetCertificateContextProperty
CertDuplicateCertificateContext
CertFreeCertificateContext
CryptQueryObject
CertCloseStore

user32

LoadStringW
LoadStringA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard

ole32

CoUninitialize
CoInitialize
CoCreateInstance

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a6d1280b9046fd0e99f5fe1c26257c54

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

msvcr90

advapi32

kernel32

crypt32

user32

ole32

Sections

.text Size: 63KB - Virtual size: 63KB

.data Size: 512B - Virtual size: 6KB

.rsrc Size: 15KB - Virtual size: 14KB

.reloc Size: 75KB - Virtual size: 76KB

.text
Size: 63KB - Virtual size: 63KB

.data
Size: 512B - Virtual size: 6KB

.rsrc
Size: 15KB - Virtual size: 14KB

.reloc
Size: 75KB - Virtual size: 76KB