1496d59a64b9c277305eeaed0b01c99bbf684ed8b3b3251c84b7fafc7a664603

Sharing

Copy URL Twitter E-mail

General

Target

1496d59a64b9c277305eeaed0b01c99bbf684ed8b3b3251c84b7fafc7a664603
Size

607KB
MD5

510b03aa9ee15d4418b84194612ed270
SHA1

10a98882610688729ffbae7155756447d1717a77
SHA256

1496d59a64b9c277305eeaed0b01c99bbf684ed8b3b3251c84b7fafc7a664603
SHA512

7c6dc7cc96b584945f0ff1bf1b8df589efb3d9b6e5a23db7a2525f90403fcd9c36819513e46fde2427ead3511fd264dbb257d87bc568982cf40a67289fad80b4
SSDEEP

12288:Hjxqz401VIcYsfTF174S1QUSJw6aEoWQ2ZxMSSY5yaRRJyC9ad73GLZ:or74S1pJbJUxZADC9e3Gl

Score

N/A

Malware Config

Signatures

Files

1496d59a64b9c277305eeaed0b01c99bbf684ed8b3b3251c84b7fafc7a664603
.exe windows x86

45aab1a75b92a04100b6256e210acfe0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharUpperW
CharLowerW
LoadStringW

secur32

GetUserNameExW

ws2_32

WSACleanup

shlwapi

StrStrW
StrStrIW
StrChrW
StrChrIW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

msvcrt

fflush
wcstol
wcstoul
wcstod
_except_handler3
_fileno
exit
_errno
fprintf
??3@YAXPAX@Z
_ultow
_vsnwprintf
__CxxFrameHandler
_iob
wcstok
_c_exit
_exit
_XcptFilter
__winitenv
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
??2@YAPAXI@Z
_cexit
__p__commode
__p__fmode
__set_app_type
_controlfp
_get_osfhandle

advapi32

AdjustTokenPrivileges
LookupAccountSidW
OpenProcessToken
LookupPrivilegeValueW
GetLengthSid
CopySid
LookupPrivilegeDisplayNameW
LookupPrivilegeNameW
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
GetTokenInformation
GetSidSubAuthority

kernel32

ExitProcess
GetSystemDirectoryW
LoadLibraryW
GetProcAddress
FreeLibrary
HeapReAlloc
HeapFree
WriteConsoleW
HeapSize
HeapAlloc
GetProcessHeap
HeapValidate
WideCharToMultiByte
GetConsoleOutputCP
GetThreadLocale
CompareStringW
lstrlenW
GetFileType
GetStdHandle
GetConsoleMode
VerSetConditionMask
VerifyVersionInfoW
FormatMessageW
LocalFree
GetCurrentProcess
CloseHandle
SetLastError
GetLastError
GetModuleFileNameW
GetTimeFormatW
FileTimeToSystemTime
TerminateProcess
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
CompareStringA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp1
Size: 560KB - Virtual size: 1.7MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

45aab1a75b92a04100b6256e210acfe0

Headers

DLL Characteristics

File Characteristics

Imports

user32

secur32

ws2_32

shlwapi

version

msvcrt

advapi32

kernel32

Sections

.text Size: 33KB - Virtual size: 33KB

.data Size: 512B - Virtual size: 344B

.rsrc Size: 12KB - Virtual size: 12KB

.vmp1 Size: 560KB - Virtual size: 1.7MB

.text
Size: 33KB - Virtual size: 33KB

.data
Size: 512B - Virtual size: 344B

.rsrc
Size: 12KB - Virtual size: 12KB

.vmp1
Size: 560KB - Virtual size: 1.7MB