4081793e8bf8725d2ff6f2b881339968ea9a4c20decbb4a4aa9b6685597ea3d7

Sharing

Copy URL Twitter E-mail

General

Target

4081793e8bf8725d2ff6f2b881339968ea9a4c20decbb4a4aa9b6685597ea3d7
Size

556KB
MD5

84e9453df3c595f32eec758bb778665f
SHA1

0981e587d944a91d4d9887f26b8aeb812b594a0b
SHA256

4081793e8bf8725d2ff6f2b881339968ea9a4c20decbb4a4aa9b6685597ea3d7
SHA512

57d629ef8df20d0fbc85f6cebc5efcbffcebf7fe13c42a7a90c35011d8b0727ed38b77bc5c911c2056d0a5ceccdf6dc9dff2c5ccf9fbe56efd0996bc4b0cec5d
SSDEEP

12288:vinUsdZpGWFnsKgqb/0nc0YfVpacVZBD3qHd7We4eigFUs8Hk+OwTZKQab7OO:viUiZpGknsK3b/0nc0YfPaOD3qHd7Wei

Score

N/A

Malware Config

Signatures

Files

4081793e8bf8725d2ff6f2b881339968ea9a4c20decbb4a4aa9b6685597ea3d7
.exe windows x86

8f3f80fa4b2bb12d4e6aa3f76d92ce89

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
WideCharToMultiByte
GetConsoleOutputCP
WriteFile
WriteConsoleW
ReadConsoleInputW
FlushConsoleInputBuffer
GetModuleHandleW
FormatMessageW
GetStdHandle
SetThreadUILanguage
SetConsoleMode
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
LocalFree
GetFileType
GetCurrentProcess
GetConsoleMode
GlobalFree
MultiByteToWideChar
ReadFile
GetFileInformationByHandle
CreateFileW
GetCommandLineW
SetLastError
LoadResource
FindResourceExW
LoadLibraryExW
MapViewOfFile
CloseHandle
CreateFileMappingW
GetLocaleInfoW
FreeLibrary
GetVersionExW
UnmapViewOfFile
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
FindResourceW
SearchPathW
UnhandledExceptionFilter

msvcrt

_vsnwprintf
_controlfp
?terminate@@YAXXZ
memcpy
memset
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_amsg_exit
_initterm
exit
_XcptFilter
wcsncmp
_exit
_cexit
__wgetmainargs
_wcsnicmp
_wcsicmp
bsearch

scavenge

GetScavengeSession

ntdll

RtlUpcaseUnicodeChar
NtDelayExecution
RtlRaiseStatus
RtlNtStatusToDosErrorNoTeb
RtlReAllocateHeap
DbgPrintEx
DbgUserBreakPoint
NtClose
RtlUnwind
RtlFreeHeap
RtlAllocateHeap

user32

LoadStringW

ole32

CoTaskMemFree
CoTaskMemAlloc

shell32

CommandLineToArgvW

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.vmp0
Size: 500KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8f3f80fa4b2bb12d4e6aa3f76d92ce89

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

scavenge

ntdll

user32

ole32

shell32

advapi32

Sections

.text Size: 46KB - Virtual size: 45KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 6KB

.vmp0 Size: 500KB - Virtual size: 1.6MB

.text
Size: 46KB - Virtual size: 45KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 6KB

.vmp0
Size: 500KB - Virtual size: 1.6MB