1943faf00008e8b428408ce2310f104f6d23c610384ff29c744e728997aa443c

Sharing

Copy URL Twitter E-mail

General

Target

1943faf00008e8b428408ce2310f104f6d23c610384ff29c744e728997aa443c
Size

511KB
MD5

a372a475da846b97bc6e3a63d5efdb90
SHA1

93ea9b8558ee3ccd6f72d2bd7e4d679ee3064915
SHA256

1943faf00008e8b428408ce2310f104f6d23c610384ff29c744e728997aa443c
SHA512

dc0aa5db19ae71882f5dcb5d4977a596550a7e79b78d0b341568e8268e4738ac2b090d6b9413d68f529f79c024cf157788ed78062b6e75149517a59326b3d137
SSDEEP

12288:6owI5YO8E9RN+yfQG/kC4F6aOdj6RmdVUMTtfS:6otYbEEyYG/VBjgmdo

Score

N/A

Malware Config

Signatures

Files

1943faf00008e8b428408ce2310f104f6d23c610384ff29c744e728997aa443c
.exe windows x64

b615c0d16e4080ec0386673a7cd162a0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

HeapSetInformation
lstrlenW
GetVersionExW
RtlLookupFunctionEntry
RtlVirtualUnwind
GetModuleHandleW
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
UnhandledExceptionFilter
GetCommandLineW
RtlCaptureContext

gdi32

GetClipBox
GetStockObject

user32

GetMessageW
SetCursor
IsRectEmpty
DefWindowProcW
GetSystemMetrics
RegisterClassW
PostQuitMessage
CreateWindowExW
GetActiveWindow
LoadStringW
GetCursorPos
ReleaseDC
TranslateMessage
GetDC
LoadCursorW
PostMessageW
DispatchMessageW

msvcrt

?terminate@@YAXXZ
__set_app_type
_fmode
_commode
__setusermatherr
_amsg_exit
_initterm
exit
_cexit
_exit
__C_specific_handler
__getmainargs
_wtoi
wcschr
_XcptFilter

comctl32

ord344

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 66B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.vmp0
Size: 500KB - Virtual size: 1.8MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b615c0d16e4080ec0386673a7cd162a0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

user32

msvcrt

comctl32

Sections

.text Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 2KB

.pdata Size: 512B - Virtual size: 216B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 66B

.vmp0 Size: 500KB - Virtual size: 1.8MB

.text
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 2KB

.pdata
Size: 512B - Virtual size: 216B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 66B

.vmp0
Size: 500KB - Virtual size: 1.8MB