414d24af4d6619af1fedd5b5f3d960d9fc97814c93bd5563fb2cd41754a05d5a

General

Target

414d24af4d6619af1fedd5b5f3d960d9fc97814c93bd5563fb2cd41754a05d5a
Size

643KB
MD5

a3c1f2d8ec2674413033ff33f9025f92
SHA1

d1626a37f9df8d2a8905fcc4cdcd2e8f06e96aba
SHA256

414d24af4d6619af1fedd5b5f3d960d9fc97814c93bd5563fb2cd41754a05d5a
SHA512

eb022bea04746ca5543e4fc4a0bb346bee2b6ee21c3316139c21a16483cba81b2f73ab65820f2af57b192c5a78a8bdd05d72e4047675d4711e7a82ad4cb597b5
SSDEEP

6144:RQR05j/nnPSQC1Oz/pJmEgDSEVrY+obL0nT/NWJfs/fRup+QLopelgULgCQFjY+3:ZbqUz/pJmEmSwoE5W+MgUgFdqMutPeoK

Score

N/A

Malware Config

Signatures

Files

414d24af4d6619af1fedd5b5f3d960d9fc97814c93bd5563fb2cd41754a05d5a
.exe windows x86

aed0f76ff24a26ce99a45aff764148cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

memcpy
memmove
memset
_alldiv
_chkstk
RtlInitAnsiString
LdrUnloadDll
LdrGetProcedureAddress
RtlNtStatusToDosError
LdrLoadDll
RtlInitUnicodeString
LdrGetDllHandle
ZwWaitForMultipleObjects
RtlAllocateHeap
RtlFreeHeap
RtlFreeUnicodeString
RtlCreateUnicodeString
_allmul
DbgPrint
ZwDisplayString
_aullrem
_aulldiv
RtlCompareUnicodeString
RtlUpcaseUnicodeString
RtlOemStringToUnicodeString
RtlUnicodeStringToOemString
RtlxOemStringToUnicodeSize
NlsMbOemCodePageTag
RtlxUnicodeStringToOemSize
RtlxAnsiStringToUnicodeSize
RtlAnsiStringToUnicodeString
RtlxUnicodeStringToAnsiSize
RtlUnicodeStringToAnsiString
_aullshr
ZwDelayExecution
LdrShutdownThread
NtTerminateThread
NtResumeThread
CsrClientCallServer
RtlCreateUserThread
_allrem
_allshl
RtlClearBits
RtlAreBitsSet
RtlUnwind
ZwClose
ZwCreateFile
ZwDeviceIoControlFile
DbgBreakPoint
_stricmp
_strnicmp
_ftol
RtlReAllocateHeap
ZwTerminateProcess
RtlRaiseException

Sections

.text
Size: 506KB - Virtual size: 505KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aed0f76ff24a26ce99a45aff764148cb

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

Sections

.text Size: 506KB - Virtual size: 505KB

.rdata Size: 78KB - Virtual size: 77KB

.data Size: 4KB - Virtual size: 17KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 49KB - Virtual size: 48KB

.text
Size: 506KB - Virtual size: 505KB

.rdata
Size: 78KB - Virtual size: 77KB

.data
Size: 4KB - Virtual size: 17KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 49KB - Virtual size: 48KB