9eeb34fe9020657cd9e4f0f7d3dc59fff6b5ae961a60d64df02b169aa0476160

General

Target

9eeb34fe9020657cd9e4f0f7d3dc59fff6b5ae961a60d64df02b169aa0476160
Size

221KB
MD5

93017c632cafa77b6ecc75978a1305e0
SHA1

459986dca4ebd5f7ae5c36a1b61084182033010b
SHA256

9eeb34fe9020657cd9e4f0f7d3dc59fff6b5ae961a60d64df02b169aa0476160
SHA512

dcc31de85132d1c324e8a6702844c56ba7c4200eacda7175af34996ca930636b80e8f861b2486b7913fd6cccde100905dcdffa197ea16c6fd7a62640de68e889
SSDEEP

6144:vcv/GEqtOUCwqmtMB7DCRqrAf8oGoZojjs7C6pHF:vcmEqtMmCvdlaZiSpHF

Score

N/A

Malware Config

Signatures

Files

9eeb34fe9020657cd9e4f0f7d3dc59fff6b5ae961a60d64df02b169aa0476160
.exe windows x86

9cec6a4f456d08e2dc89ea8710a73933

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpW
SetLastError
lstrlenW
VirtualAlloc
lstrlenA
LoadResource
FileTimeToSystemTime
FindFirstChangeNotificationW
LoadLibraryExA
GetConsoleMode
IsValidCodePage
SetEnvironmentVariableA
DisableThreadLibraryCalls
GetTempPathA
GetStringTypeA
lstrcmpiA
FindClose
FindNextFileA
IsProcessorFeaturePresent
GetLastError
DeleteFileA
LCMapStringA
CreateMutexA
TlsGetValue
QueryPerformanceCounter
MapViewOfFileEx
SleepEx
GetOEMCP
RemoveDirectoryW
LCMapStringW
VirtualProtect
GlobalLock
GetVolumeInformationA
SetFilePointerEx
SearchPathA
FreeEnvironmentStringsA
GetCPInfo
FormatMessageA
GetCurrentProcess
GetCurrentDirectoryA
OpenEventA
MulDiv
GetLongPathNameW
GetOverlappedResult
WritePrivateProfileSectionA
MapViewOfFile
FindResourceA
GetLogicalDriveStringsA
GetCurrentProcessId
lstrcmpA
CreateEventA
FindFirstFileExW
ResetEvent
GetCommandLineW
GetCommandLineA
LocalFree
SetProcessAffinityMask
CreateToolhelp32Snapshot
GetFileType
CompareStringW
FreeEnvironmentStringsW
GetFileSizeEx
FindFirstFileA

ntdll

NtTraceEvent
RtlAddAce
ZwQueryPerformanceCounter
NtQuerySection
RtlCompareUnicodeString
NtQuerySystemInformation
ZwOpenFile
NtResumeThread
NtCreateSection
NtQuerySystemTime

Sections

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9cec6a4f456d08e2dc89ea8710a73933

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntdll

Sections

.text Size: 160KB - Virtual size: 160KB

.data Size: 55KB - Virtual size: 54KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 160KB - Virtual size: 160KB

.data
Size: 55KB - Virtual size: 54KB

.rsrc
Size: 2KB - Virtual size: 4KB