afe1b5b272b2407563d057b1f3fde77c5b3f126fe9257ad7397b9ee49ac25a00

Sharing

Copy URL Twitter E-mail

General

Target

afe1b5b272b2407563d057b1f3fde77c5b3f126fe9257ad7397b9ee49ac25a00
Size

281KB
MD5

849f928fc9981d11f0b3ff5544019240
SHA1

9b537d5e050d3afad2097540e026230f7b2ff528
SHA256

afe1b5b272b2407563d057b1f3fde77c5b3f126fe9257ad7397b9ee49ac25a00
SHA512

6edd79b2c60478c3ca71225b3fa1bb866c5e5d88bc3f049566d394d648a87d59b72da390a13864c350167382251efb4b62a6ba814dfc83fee01771c6267a7db8
SSDEEP

3072:fLcAeriaGk2tLkZn0hZk/fbt+7wjCUBO+04kU7jejsMlG6J/31dAeOEtNYdHVOQf:zpON2tA423Kibf7jvMl9TJTY3

Score

N/A

Malware Config

Signatures

Files

afe1b5b272b2407563d057b1f3fde77c5b3f126fe9257ad7397b9ee49ac25a00
.exe windows x64

319d7f6471d5cbc5b2256002cf87b18c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

oleaut32

SysAllocString
VariantClear
VariantCopy
SysStringByteLen
SysFreeString

user32

CharNextA
CharUpperW
CharUpperA

advapi32

AdjustTokenPrivileges
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW

msvcrt

_XcptFilter
?terminate@@YAXXZ
_onexit
__dllonexit
??1type_info@@UEAA@XZ
__C_specific_handler
_beginthreadex
_isatty
wcslen
fputc
fflush
_iob
_c_exit
fgetc
fclose
free
malloc
memmove
memcmp
memcpy
fprintf
strlen
fputs
memset
__CxxFrameHandler
_CxxThrowException
_exit
_cexit
exit
__getmainargs
__initenv
_initterm
__setusermatherr
_commode
_fmode
__set_app_type

kernel32

VirtualAlloc
VirtualFree
GetModuleHandleW
WaitForSingleObject
SetEvent
InitializeCriticalSection
SetConsoleMode
SetCurrentDirectoryW
GetProcAddress
GetProcessTimes
GetTickCount
UnmapViewOfFile
OpenEventW
MapViewOfFile
OpenFileMappingW
GetSystemTime
SystemTimeToFileTime
FileTimeToDosDateTime
GlobalMemoryStatusEx
GetSystemInfo
FileTimeToSystemTime
CompareFileTime
GetCurrentProcess
SetEndOfFile
WriteFile
ReadFile
SetFilePointer
GetFileSize
DeviceIoControl
FindNextFileW
FindFirstFileW
FindClose
GetFullPathNameW
lstrlenW
GetTempFileNameW
GetTempPathW
SearchPathW
GetCurrentDirectoryW
DeleteFileW
CreateDirectoryW
SetConsoleCtrlHandler
FileTimeToLocalFileTime
GetCommandLineW
SetFileApisToOEM
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetConsoleMode
GetStdHandle
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
LoadLibraryExW
LoadLibraryW
GetModuleFileNameW
LocalFree
FormatMessageW
GetWindowsDirectoryW
CloseHandle
SetFileTime
CreateFileW
SetFileAttributesW
RemoveDirectoryW
MoveFileW
GetLastError

Sections

.text
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

319d7f6471d5cbc5b2256002cf87b18c

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

user32

advapi32

msvcrt

kernel32

Sections

.text Size: 182KB - Virtual size: 181KB

.rdata Size: 73KB - Virtual size: 72KB

.data Size: 2KB - Virtual size: 11KB

.pdata Size: 18KB - Virtual size: 17KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 182KB - Virtual size: 181KB

.rdata
Size: 73KB - Virtual size: 72KB

.data
Size: 2KB - Virtual size: 11KB

.pdata
Size: 18KB - Virtual size: 17KB

.rsrc
Size: 4KB - Virtual size: 4KB