d5e16f7b899c538c7fe0fc29f23da02cc259369d35aeca6e4034c7d06dc86e0a

Sharing

Copy URL Twitter E-mail

General

Target

d5e16f7b899c538c7fe0fc29f23da02cc259369d35aeca6e4034c7d06dc86e0a
Size

621KB
MD5

9107ac97626395db0a041ea0257a4290
SHA1

fbd55ae0a4800f973a25bc81cf659a7e6ac36e96
SHA256

d5e16f7b899c538c7fe0fc29f23da02cc259369d35aeca6e4034c7d06dc86e0a
SHA512

c247947b69e14bd2fe31dd923a5e6525223ec12689e21bb4a6df1f93dbfa933a40b0325463de6fec8478933a7986c2f1d914ccceda4469cfa28884abdb552b79
SSDEEP

12288:zbmIlJpiYeUxx/VmZi0XDVhpcy/3S9x2STXgTY9z:vzlJpiYeUvQZi0/pdi9x2SEkd

Score

N/A

Malware Config

Signatures

Files

d5e16f7b899c538c7fe0fc29f23da02cc259369d35aeca6e4034c7d06dc86e0a
.exe windows x64

f6aa58fd6bb934489b337c508994027a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

IsSETEnabled
BuildReasonArray
RecordShutdownReason
DestroyReasons
ReasonCodeNeedsComment
CallWindowProcW
SetForegroundWindow
GetWindowLongPtrW
EnableMenuItem
GetWindowTextLengthW
DialogBoxParamW
ExitWindowsEx
ReasonCodeNeedsBugID
GetWindowTextW
GetClassNameW
GetDlgItem
EndDialog
GetDesktopWindow
LoadStringW
CheckDlgButton
IsDlgButtonChecked
MessageBoxW
SetWindowLongPtrW
RegisterClipboardFormatW
SendMessageW
EnableWindow
SetWindowTextW
SetFocus

secur32

GetUserNameExW

ole32

CoInitialize
CoUninitialize
CoCreateInstance
ReleaseStgMedium

ntdll

DbgPrint
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
NtInitiatePowerAction
RtlAdjustPrivilege
RtlNtStatusToDosError
NtPowerInformation

advapi32

InitiateShutdownW
InitiateSystemShutdownExW
AbortSystemShutdownW
ReportEventW
RegOpenKeyExW
RegConnectRegistryW
DeregisterEventSource
RegQueryValueExW
RegisterEventSourceW
RegCreateKeyExW
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

kernel32

lstrlenW
lstrcmpW
WriteConsoleW
FormatMessageW
GetConsoleMode
LoadLibraryW
WideCharToMultiByte
WriteFile
GlobalLock
FreeLibrary
lstrlenA
GetEnvironmentVariableW
GlobalUnlock
GetConsoleOutputCP
GetStdHandle
SetThreadPreferredUILanguages
GetLastError
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
LoadLibraryA
GetModuleHandleW
GetProcAddress
LocalAlloc
GetFileType
DecodePointer
HeapSetInformation
LocalFree
SystemTimeToFileTime
GetSystemTimeAsFileTime
EncodePointer
ExpandEnvironmentStringsA

msvcrt

_unlock
_wcsicmp
_wtoi
wcsstr
_vsnwprintf
wcsncmp
exit
__wgetmainargs
__C_specific_handler
_XcptFilter
_exit
_cexit
_initterm
_amsg_exit
__setusermatherr
_commode
_fmode
__set_app_type
memset
__dllonexit
_lock
_onexit
?terminate@@YAXXZ

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 588KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f6aa58fd6bb934489b337c508994027a

Headers

DLL Characteristics

File Characteristics

Imports

user32

secur32

ole32

ntdll

advapi32

kernel32

msvcrt

Sections

.text Size: 28KB - Virtual size: 27KB

.data Size: 512B - Virtual size: 4KB

.pdata Size: 1024B - Virtual size: 612B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 588KB - Virtual size: 2.5MB

.text
Size: 28KB - Virtual size: 27KB

.data
Size: 512B - Virtual size: 4KB

.pdata
Size: 1024B - Virtual size: 612B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 588KB - Virtual size: 2.5MB