03e8bfeef64767f8b563a54232d36a135e507dd13121991d9e302ac8affa346e

Sharing

Copy URL Twitter E-mail

General

Target

03e8bfeef64767f8b563a54232d36a135e507dd13121991d9e302ac8affa346e
Size

517KB
MD5

965380bd50cb516e28ece6591ab6414d
SHA1

07bea291a2c1ec0004070c4469b7f59fe0008c6a
SHA256

03e8bfeef64767f8b563a54232d36a135e507dd13121991d9e302ac8affa346e
SHA512

de9bd562b54df0b0decf57241464db1a6fb8cc212e81946a035e723a5d741f13ec36e6b2bd6f55f6b9a160a3a7af521a0aeff330a1e3bec5c52576212c21688c
SSDEEP

12288:a2YWr+A6ETtr+7GH7YP3+YrBjcV7IJKewcnSZuEc5QrcPvTJGAci:aZWr+Azxr17M3+cBjU7IycVSrcdo

Score

N/A

Malware Config

Signatures

Files

03e8bfeef64767f8b563a54232d36a135e507dd13121991d9e302ac8affa346e
.exe windows x64

4655b1d487e50bfbc932e552ec766994

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetLastError
GetProcAddress
LoadLibraryA
FreeLibrary
lstrcmpiA
Sleep
SetUnhandledExceptionFilter
GetModuleHandleW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
lstrlenA
GetStartupInfoW

user32

DispatchMessageA
PostQuitMessage
GetMessageA
MessageBoxA

msvcrt

strtok
??3@YAXPEAX@Z
memset
??2@YAPEAX_K@Z
__getmainargs
__C_specific_handler
_XcptFilter
_exit
_ismbblead
_cexit
exit
?terminate@@YAXXZ
__set_app_type
_fmode
_commode
__setusermatherr
_amsg_exit
_initterm
sprintf_s
_acmdln

ole32

HWND_UserSize
HWND_UserSize64
HWND_UserFree
HWND_UserMarshal64
HWND_UserFree64
HWND_UserUnmarshal64
HWND_UserUnmarshal
CoRegisterPSClsid
CoRegisterClassObject
CoRevokeClassObject
CoInitialize
CoUninitialize
HWND_UserMarshal

rpcrt4

CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_Connect
CStdStubBuffer_Invoke
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Disconnect
CStdStubBuffer_DebugServerRelease
IUnknown_AddRef_Proxy
CStdStubBuffer_QueryInterface
NdrCStdStubBuffer_Release
IUnknown_Release_Proxy
CStdStubBuffer_CountRefs
NdrOleAllocate
NdrOleFree
IUnknown_QueryInterface_Proxy
CStdStubBuffer_AddRef
NdrDllGetClassObject

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 57B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 286B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.vmp0
Size: 500KB - Virtual size: 1.8MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4655b1d487e50bfbc932e552ec766994

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcrt

ole32

rpcrt4

Sections

.text Size: 12KB - Virtual size: 11KB

.orpc Size: 512B - Virtual size: 57B

.data Size: 512B - Virtual size: 1KB

.pdata Size: 512B - Virtual size: 432B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 286B

.vmp0 Size: 500KB - Virtual size: 1.8MB

.text
Size: 12KB - Virtual size: 11KB

.orpc
Size: 512B - Virtual size: 57B

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 432B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 286B

.vmp0
Size: 500KB - Virtual size: 1.8MB