abce0b3f24db62d9ba2cc7e0a7d2facc0e281149514dc45b2a4d966fb0d2f34e

Sharing

Copy URL Twitter E-mail

General

Target

abce0b3f24db62d9ba2cc7e0a7d2facc0e281149514dc45b2a4d966fb0d2f34e
Size

210KB
MD5

fba4c54f59ed76d39368dfacca90352a
SHA1

c637d3abc6f08b9ca282d1fafefed78573ca13b0
SHA256

abce0b3f24db62d9ba2cc7e0a7d2facc0e281149514dc45b2a4d966fb0d2f34e
SHA512

722a0806188ad9fd1ae0f48d4f4a9ad7926885e2f647d645eec3c339ccc449b172fc84a3e9930682560db66e65032fdb61452fd790e86f07a054cb489a90da9f
SSDEEP

3072:5iHVr9u7yHi5RRedo4o7gxmJSHvPV7aFBEaEnsPPfvf1wng3yXylOgvtpyGmapRl:5iHR9Cv4o7CXkNwqwng3uywutIG7

Score

N/A

Malware Config

Signatures

Files

abce0b3f24db62d9ba2cc7e0a7d2facc0e281149514dc45b2a4d966fb0d2f34e
.exe windows x86

a014d06261a161c1eb9fff3c4bfbb971

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
GetModuleFileNameW
CreateFileW
MultiByteToWideChar
GetLastError
GetProcAddress
VirtualAlloc
CloseHandle
lstrlenA
MapUserPhysicalPages
SetWaitableTimer
WaitNamedPipeA
GetCurrentProcess
SleepEx
AllocateUserPhysicalPages
FreeUserPhysicalPages
EnterCriticalSection
GetSystemInfo
SetNamedPipeHandleState
GetCurrentThreadId
OutputDebugStringA
CreateWaitableTimerA
IsProcessorFeaturePresent
GetStringTypeW
LCMapStringW
SetStdHandle
WriteConsoleW
HeapSize
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
VirtualQuery
GetConsoleMode
GetConsoleCP
HeapReAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
WideCharToMultiByte
WriteFile
GetProcessHeap
VirtualFree
HeapFree
HeapAlloc
SetFilePointer
CreateFileA
Sleep
QueryPerformanceCounter
HeapCreate
LeaveCriticalSection
GetModuleHandleW
ExitProcess
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
LoadLibraryW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW

user32

GetMessageA
MessageBeep
GetClientRect
GetIconInfo
TranslateMessage
CreateIcon
IsWindow
DispatchMessageA

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 162KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a014d06261a161c1eb9fff3c4bfbb971

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 162KB - Virtual size: 170KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 162KB - Virtual size: 170KB

.rsrc
Size: 5KB - Virtual size: 4KB