b1b38089eec782cf71ece5c8686dcc22fa84b37b111db98adc81a321a80763eb

Sharing

Copy URL Twitter E-mail

General

Target

b1b38089eec782cf71ece5c8686dcc22fa84b37b111db98adc81a321a80763eb
Size

49KB
MD5

4b9978b665e792a4af04c9d2143d74f0
SHA1

ac9341779b92c1f358028e8e10fa7203ffd82ba9
SHA256

b1b38089eec782cf71ece5c8686dcc22fa84b37b111db98adc81a321a80763eb
SHA512

af08bed12e2d6adc3512152fac3371d0a80ba8d9d469df27609e6d3e18976a3b21c464285e1aa68e184164307627b6ef1764dea6cd970287c6b0f68386366fd4
SSDEEP

768:nPjXaVlaG5868O4ZLekSafImkTaJGfuhRyjpyqL3qeBAYEUKBHs3y1:nGrERZqkSafIFT2hg5xKJQy

Score

N/A

Malware Config

Signatures

Files

b1b38089eec782cf71ece5c8686dcc22fa84b37b111db98adc81a321a80763eb
.exe windows x86

5901df746cac12bd9732231843213ec2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CloseHandle
GetCurrentProcess
GetCurrentThread
LocalFree
OpenProcess
FreeLibrary
GetProcAddress
LoadLibraryW
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalAlloc
FormatMessageW
GetModuleHandleW
Sleep
RaiseException
LoadLibraryA
SetThreadUILanguage
GetConsoleOutputCP
WideCharToMultiByte
GetProcessHeap
HeapAlloc
GetStdHandle
WriteFile
HeapFree
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
OutputDebugStringA
InterlockedCompareExchange
InterlockedExchange

msvcrt

__setusermatherr
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_controlfp
free
mbtowc
__mb_cur_max
_amsg_exit
_snprintf
_itoa
wctomb
malloc
ferror
__badioinfo
__pioinfo
_fileno
_lseeki64
_write
_isatty
??3@YAXPAX@Z
isleadbyte
_wsetlocale
fwprintf
_vsnwprintf
??2@YAPAXI@Z
memset
exit
memcpy
strtol
fprintf
_iob
__CxxFrameHandler
_initterm
_XcptFilter
_exit
_cexit
__getmainargs
_errno

ntdll

RtlUnwind
NtOpenThreadToken
RtlAdjustPrivilege
RtlInitString
NtQueryInformationToken
NtDuplicateToken
NtSetInformationThread
NtClose

user32

LoadStringW

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5901df746cac12bd9732231843213ec2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ntdll

user32

Sections

.text Size: 26KB - Virtual size: 26KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 19KB - Virtual size: 22KB

.text
Size: 26KB - Virtual size: 26KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 19KB - Virtual size: 22KB