e00a60b6d273f110aff572031394061fa26cd1607a7a100cbd5ac423a370e043

Sharing

Copy URL Twitter E-mail

General

Target

e00a60b6d273f110aff572031394061fa26cd1607a7a100cbd5ac423a370e043
Size

3.9MB
MD5

8476760f765311a1f6ec4da321577bc8
SHA1

8bf3c2cd0fd14fe5974d0a223b7c4ecf884b7ed3
SHA256

e00a60b6d273f110aff572031394061fa26cd1607a7a100cbd5ac423a370e043
SHA512

a5617043d85937bedfedd105d1a08d828f045e397c870c1986ddbbf42d35aed338ec953371f5cb55755b7b6101a6dc816a7685ac6cd73b950c9b784d951d3c6e
SSDEEP

24576:lCWAIGwAoKYnSFwbHIWgPJvhHKNQy9T5RNGa2xBa1f0w8KqfkffVmrw:UdwATBFw7MfKJT5RJ2xBaZ0XzfKV1

Score

N/A

Malware Config

Signatures

Files

e00a60b6d273f110aff572031394061fa26cd1607a7a100cbd5ac423a370e043
.exe windows x86

48e399bd416ff7fb230f3793b93b5015

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
GetLocaleInfoA
GetSystemDirectoryA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetWindowsDirectoryA
CloseHandle
SetNamedPipeHandleState
WaitNamedPipeA
GetLastError
CreateFileA
WaitForSingleObject
SetEvent
MapViewOfFile
OpenFileMappingA
UnmapViewOfFile
OpenEventA
GetConsoleCP
InterlockedIncrement
QueryPerformanceCounter
GetSystemTimeAsFileTime
QueryPerformanceFrequency
CreateMutexA
ReleaseMutex
ReadConsoleA
GetConsoleScreenBufferInfo
GetStdHandle
SetConsoleMode
GetConsoleMode
GetCurrentProcessId
InitializeCriticalSection
DeleteCriticalSection
TlsGetValue
TlsFree
TlsSetValue
GetCurrentThreadId
TlsAlloc
TryEnterCriticalSection
OpenThread
TerminateThread
InterlockedCompareExchange
CreateEventA
GetFileAttributesA
GetFullPathNameA
FindClose
FindNextFileA
FindFirstFileA
FreeLibrary
FormatMessageA
LoadLibraryExA
ReadFile
WriteFile
SetFilePointerEx
SetEndOfFile
GetFileSizeEx
DuplicateHandle
GetCurrentProcess
GetFileAttributesExA
FlushFileBuffers
ResetEvent
WaitForMultipleObjects
GetOverlappedResult
CancelIo
EnterCriticalSection
DisconnectNamedPipe
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleW
ExitProcess
SetConsoleCtrlHandler
GetCommandLineA
HeapAlloc
HeapFree
HeapReAlloc
SetStdHandle
GetFileType
GetTimeZoneInformation
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitThread
CreateThread
GetFileInformationByHandle
GetDriveTypeA
WriteConsoleW
GetModuleFileNameW
SetHandleCount
GetStartupInfoA
FatalAppExitA
SetLastError
InterlockedDecrement
GetCurrentThread
InterlockedExchange
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
GetTickCount
VirtualAlloc
SetFilePointer
RtlUnwind
GetCurrentDirectoryA
SetCurrentDirectoryA
LoadLibraryW
RaiseException
WriteConsoleA
GetConsoleOutputCP
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetProcessHeap
PeekNamedPipe
Sleep
SetEnvironmentVariableW

secur32

GetUserNameExW
FreeCredentialsHandle
DeleteSecurityContext
AcquireCredentialsHandleA
FreeContextBuffer
CompleteAuthToken
InitializeSecurityContextW

advapi32

RegOpenKeyExA
RegCloseKey
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
GetTokenInformation
LookupAccountNameW
EqualSid
IsValidSid
RegEnumValueA

ws2_32

getsockname
freeaddrinfo
closesocket
WSAGetLastError
socket
getaddrinfo
ntohs
connect
WSACleanup
WSAStartup
ioctlsocket
__WSAFDIsSet
select
recv
send
setsockopt
shutdown
getnameinfo
getpeername
htonl
WSASetLastError
getservbyname

Sections

.text
Size: 807KB - Virtual size: 807KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.9MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

48e399bd416ff7fb230f3793b93b5015

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

secur32

advapi32

ws2_32

Sections

.text Size: 807KB - Virtual size: 807KB

.rdata Size: 140KB - Virtual size: 139KB

.data Size: 2.9MB - Virtual size: 3.3MB

.idata Size: 6KB - Virtual size: 5KB

.rsrc Size: 1024B - Virtual size: 836B

.reloc Size: 46KB - Virtual size: 46KB

.text
Size: 807KB - Virtual size: 807KB

.rdata
Size: 140KB - Virtual size: 139KB

.data
Size: 2.9MB - Virtual size: 3.3MB

.idata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 1024B - Virtual size: 836B

.reloc
Size: 46KB - Virtual size: 46KB