7c446061e966be1137c965a9b22d8e354b053c66d48c3eae0b9a3d5245dde1ba

Sharing

Copy URL Twitter E-mail

General

Target

7c446061e966be1137c965a9b22d8e354b053c66d48c3eae0b9a3d5245dde1ba
Size

83KB
MD5

936c11661e06b8e0a2f16154ad831230
SHA1

5bacd623025422f1648dfd129cb5766e883fa435
SHA256

7c446061e966be1137c965a9b22d8e354b053c66d48c3eae0b9a3d5245dde1ba
SHA512

6abe6122f140417a73e79d217c157823fb0becff65eacbb2e4c7febc42d5e9d6a41092fdf5c90a66817a97d8243f1c92051d430cefa454e37cc75ddfb156726f
SSDEEP

1536:1C5tVCVbjAqIuUb0fM3nH3GV4m9M7LzCV4Y1p+7EbvykOVku1KyagemcNcYLdem:1EkAqI1bb3nH9zKLp+4uA0KoeXxe

Score

N/A

Malware Config

Signatures

Files

7c446061e966be1137c965a9b22d8e354b053c66d48c3eae0b9a3d5245dde1ba
.exe windows x64

e6c57cf769e848bfa8b76be94c5cde4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
GlobalAlloc
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
DeleteCriticalSection
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
GetSystemTimes
SetThreadUILanguage
WriteFile
WideCharToMultiByte
SetLastError
GetSystemDirectoryW
LocalFree
CloseHandle
GetOEMCP
DeviceIoControl
GlobalFree
GetLastError
GetStdHandle
MultiByteToWideChar
CreateFileW
FormatMessageW
GetModuleHandleW
GetSystemTimeAsFileTime
GetCommandLineW
InitializeCriticalSection

msvcrt

time
_lseek
calloc
??3@YAXPEAX@Z
memset
memcpy
?terminate@@YAXXZ
__set_app_type
_fmode
_commode
__setusermatherr
_amsg_exit
_initterm
exit
_cexit
_exit
_XcptFilter
__C_specific_handler
__getmainargs
fclose
fgets
_wfopen
sscanf
feof
wcstombs
_vsnwprintf
strcpy_s
iswctype
_ultoa_s
malloc
free
_wtoi
sprintf_s
_wcsicmp
perror
swprintf_s
fprintf
_iob
_itoa_s
abort

ws2_32

select
recv
recvfrom
htonl
getnameinfo
WSACleanup
WSAStartup
closesocket
freeaddrinfo
socket
bind
setsockopt
htons
getaddrinfo
connect
gethostname
WSAGetLastError
sendto
ntohl

user32

LoadStringW

slc

SLGetWindowsInformationDWORD

ntdll

RtlCharToInteger
RtlRandomEx
RtlAppendAsciizToString
RtlInitAnsiString
RtlIpv6AddressToStringA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlAppendStringToString
RtlIpv4AddressToStringA

advapi32

AllocateAndInitializeSid
FreeSid
OpenProcessToken
GetTokenInformation
EqualSid

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wabkspa
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e6c57cf769e848bfa8b76be94c5cde4c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ws2_32

user32

slc

ntdll

advapi32

Sections

.text Size: 46KB - Virtual size: 46KB

.data Size: 3KB - Virtual size: 15KB

.pdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 28KB - Virtual size: 29KB

wabkspa Size: - Virtual size: 4KB

.text
Size: 46KB - Virtual size: 46KB

.data
Size: 3KB - Virtual size: 15KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 28KB - Virtual size: 29KB

wabkspa
Size: - Virtual size: 4KB