1f9c7b98485c5f1072970ecdd733096b8d4b37891b80ff92a9fa35b6c4018d97

Sharing

Copy URL

Twitter E-mail

General

Target

1f9c7b98485c5f1072970ecdd733096b8d4b37891b80ff92a9fa35b6c4018d97
Size

205KB
MD5

00cda7f78f35d0bf0d77ac17d7a52f90
SHA1

f1aced357b138d453436dee499693f81e8e3481d
SHA256

1f9c7b98485c5f1072970ecdd733096b8d4b37891b80ff92a9fa35b6c4018d97
SHA512

58edff2a5f02ed3474e0941cf0558bae0a85f5b540f130a0dd291b274724a3385c746b6e51faa3ce185657467a8fd36fa37de8039c393e832c943cbf7162911d
SSDEEP

3072:rdveuZ/l6Gpnxd+6kfDDffffNfffLffffnWz5ExMaj4YZ/5dlQUj0NcfTST+CwuA:FN6G/Ex1kQ/u602L2+CjA

Score

N/A

Malware Config

Signatures

Files

1f9c7b98485c5f1072970ecdd733096b8d4b37891b80ff92a9fa35b6c4018d97
.exe windows x86

79a495b2d377200108e5509c9bdb02eb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetVolumeMountPointW
GetLongPathNameW
GetStringTypeExW
GetComputerNameW
BuildCommDCBAndTimeoutsW
GetStartupInfoA
lstrcpyA
SetConsoleMode
CloseHandle
CreateFileA
GetFileType
GetFileSize
GetStdHandle
RaiseException
ReadFile
RtlUnwind
SetEndOfFile
SetFilePointer
UnhandledExceptionFilter
WriteFile
ExitProcess
FindClose
FindFirstFileA
FreeLibrary
GetCommandLineA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetThreadLocale
LoadLibraryExA
lstrcpynA
lstrlenA
MultiByteToWideChar
SetCurrentDirectoryA
WideCharToMultiByte
VirtualQuery
GetCurrentThreadId
LocalAlloc
LocalFree
VirtualAlloc
VirtualFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
TlsGetValue
TlsSetValue
CompareStringA
CopyFileA
CreateEventA
CreateProcessA
CreateThread
EnumCalendarInfoA
FindResourceA
FormatMessageA
FreeResource
GetACP
GetCPInfo
GetCurrentProcessId
GetDiskFreeSpaceA
GetStringTypeExA
GetSystemInfo
GetTempPathA
GetTickCount
GetVersion
GetVersionExA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFree
GlobalLock
GlobalHandle
GlobalReAlloc
GlobalUnlock
LoadLibraryA
LoadResource
LockResource
MulDiv
ResetEvent
SetErrorMode
SetEvent
SetThreadLocale
SizeofResource
Sleep
WaitForSingleObject
GetSystemTimeAsFileTime
GetModuleHandleW
TlsAlloc
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
HeapFree
QueryPerformanceCounter
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
HeapAlloc
HeapReAlloc
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
HeapSize
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 121.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79a495b2d377200108e5509c9bdb02eb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 61KB - Virtual size: 61KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 5KB - Virtual size: 121.4MB

.rsrc Size: 128KB - Virtual size: 127KB

.text
Size: 61KB - Virtual size: 61KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 5KB - Virtual size: 121.4MB

.rsrc
Size: 128KB - Virtual size: 127KB