7fbd77b6cdec37bf066d6542daf0e7f76ab0e895e6c4b818d92e4eef884af55b

Sharing

Copy URL Twitter E-mail

General

Target

7fbd77b6cdec37bf066d6542daf0e7f76ab0e895e6c4b818d92e4eef884af55b
Size

297KB
MD5

4539061f9b23cf785a4cd6718472eb30
SHA1

95e8cc9d14d4d1d4451af5c17ec1b78f9c87878b
SHA256

7fbd77b6cdec37bf066d6542daf0e7f76ab0e895e6c4b818d92e4eef884af55b
SHA512

0d6f1076fd4b85d839fc4f65608fffaf9c207bb5c3663427d05f060a104ebfc768398284c5db1d78b4687867448463ce489979090f63fdede9c42970a5ca3fb8
SSDEEP

6144:nfYhgXF+KwN1fm6iZIE+N31HxJ0sFV5sEzCcBPh600gZIDnuAeU/rVfSGYjiNZ:ZXF+KwzRHxisFVFtB5ZA5rY2

Score

N/A

Malware Config

Signatures

Files

7fbd77b6cdec37bf066d6542daf0e7f76ab0e895e6c4b818d92e4eef884af55b
.exe windows x86

23ada9d941b86837558438a670e2bc73

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
Sleep
lstrcmpiW
GetCurrentThreadId
GetCurrentProcessId
GetLocalTime
SetThreadUILanguage
SetConsoleCtrlHandler
GetLastError
GetComputerNameW
GetConsoleMode
GetFileType
GetStdHandle
RegisterApplicationRestart
HeapSetInformation
GetModuleHandleW
LocalFree
WriteFile
LocalAlloc
WriteConsoleW
FormatMessageW
InterlockedExchange
InterlockedCompareExchange
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess

msvcrt

_amsg_exit
__setusermatherr
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_except_handler4_common
_controlfp
_wcsnicmp
fgetwc
_vsnwprintf
memset
memcpy
_wtol
_vsnprintf
fprintf
_XcptFilter
_initterm
_exit
_cexit
__wgetmainargs
setvbuf
setlocale
exit
_wcsicmp
_wtoi
_iob
fclose
_wfopen

ntdll

RtlIpv6AddressToStringExW

ole32

CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoInitializeEx
StringFromGUID2

user32

LoadStringW

ws2_32

WSAGetLastError
WSAAddressToStringW
htons
freeaddrinfo
WSAStartup
getaddrinfo
WSACleanup

Exports

Exports

??0CDrCallTracer@@QAE@KQBD0PBJ@Z
??1CDrCallTracer@@QAE@XZ
?LogMessage@CDrCallTracer@@QAAXKPADZZ

Sections

.text
Size: 254KB - Virtual size: 254KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jabwksx
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

23ada9d941b86837558438a670e2bc73

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ntdll

ole32

user32

ws2_32

Exports

Exports

Sections

.text Size: 254KB - Virtual size: 254KB

.data Size: 3KB - Virtual size: 5KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 36KB - Virtual size: 37KB

jabwksx Size: - Virtual size: 4KB

.text
Size: 254KB - Virtual size: 254KB

.data
Size: 3KB - Virtual size: 5KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 36KB - Virtual size: 37KB

jabwksx
Size: - Virtual size: 4KB