e9c6d91d051326f9c5104d28ecfe7ea3aadb1fbaba24bb18954fe68e01aa03ab

Sharing

Copy URL

Twitter E-mail

General

Target

e9c6d91d051326f9c5104d28ecfe7ea3aadb1fbaba24bb18954fe68e01aa03ab
Size

377KB
MD5

438778440a0141d8e5d5a203afc6a737
SHA1

74c786a563ca09e82301abaa4b5225c00f48d510
SHA256

e9c6d91d051326f9c5104d28ecfe7ea3aadb1fbaba24bb18954fe68e01aa03ab
SHA512

75edfffc5181937d2edab212ef65566d3fb91a493752f6c8bf6aebba0403c382a141af4652089176d1534306e512a29613be346de6f0c17790874fc8be95fbd5
SSDEEP

6144:tP5ukahaLVnNM45QV3JUtB0aFNmz1lZu+jo/ipJr2vlsJ8CkmAuZ5P0ju0EtX:tP5ukahaNNLiBaFNmz1lZxjSiXrwsHpB

Score

N/A

Malware Config

Signatures

Files

e9c6d91d051326f9c5104d28ecfe7ea3aadb1fbaba24bb18954fe68e01aa03ab
.dll windows x64

a072f1c94318919296942cfa2776d23a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

_strnicmp
memcmp
memset
_strupr
strcpy
ZwQueryInformationProcess
ZwQueryKey
NtSuspendProcess
NtSetContextThread
RtlNtStatusToDosError
NtResumeProcess
NtGetContextThread
_wcsnicmp
LdrFindEntryForAddress
NtMapViewOfSection
NtUnmapViewOfSection
ZwClose
NtCreateSection
memmove
NtQuerySystemInformation
RtlInitUnicodeString
NtQueryInformationFile
NtQueryInformationProcess
NtQueryDirectoryFile
NtQueryObject
ZwOpenProcessToken
ZwOpenProcess
ZwQueryInformationToken
RtlEqualUnicodeString
NtSetInformationProcess
_snprintf
memcpy
__chkstk
__C_specific_handler
VirtualFree
RaiseException
CreateIoCompletionPort
PostQueuedCompletionStatus
GetSystemInfo
GetQueuedCompletionStatus
CreateWaitableTimerA
OpenThread
ResetEvent
HeapReAlloc
RemoveVectoredExceptionHandler
HeapAlloc
HeapFree
SetEvent
CreateEventA
HeapDestroy
HeapCreate
GetLastError
LocalAlloc
AddVectoredExceptionHandler
GetCurrentThreadId
GetVersion
LocalFree
GetSystemTime
SwitchToThread
lstrlenA
WideCharToMultiByte
lstrcatA
MultiByteToWideChar
lstrlenW
SetLastError
lstrcmpiW
lstrcatW
lstrcpyW
lstrcpyA
WaitForSingleObject
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleA
DeleteCriticalSection
CloseHandle
CreateThread
GetComputerNameW
CreateMutexA
GetCurrentProcessId
lstrcpynA
lstrcpynW
lstrcmpiA
SetEnvironmentVariableW
SetErrorMode
SetUnhandledExceptionFilter
OpenProcess
Sleep
TerminateProcess
GetProcAddress
WaitForMultipleObjects
LoadLibraryA
CreateDirectoryW
ReleaseMutex
GlobalDeleteAtom
GlobalAddAtomA
IsBadReadPtr
IsBadStringPtrA
CreateFileA
SetFilePointer
SetEndOfFile
ExpandEnvironmentStringsA
WriteFile
FreeLibrary
lstrcmpA
VirtualQuery
GetCurrentProcess
VirtualProtect
ExpandEnvironmentStringsW
GetVersionExW
GetFileSize
ReadFile
CreateFileW
GetTempPathW
GetLongPathNameW
WaitForSingleObjectEx
ReadProcessMemory
VirtualAlloc
VirtualAllocEx
GetModuleFileNameA
WriteProcessMemory
GetThreadContext
VirtualProtectEx
SuspendThread
ResumeThread
CopyFileW
GetFileAttributesExW
FindFirstFileW
CompareFileTime
lstrcmpW
FindClose
FindNextFileW
GetEnvironmentVariableW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
OpenFileMappingA
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalFree
OpenEventA
GetSystemWindowsDirectoryA
SetFilePointerEx
GetFileInformationByHandleEx
SetFileInformationByHandle
GetProcessId
RemoveDirectoryW
DuplicateHandle
DeleteFileW
MulDiv
GetTickCount
GetSystemTimeAsFileTime
GetProcessTimes
GetLocaleInfoW
VerLanguageNameW
SetWaitableTimer
CancelWaitableTimer
SystemTimeToFileTime
AcceptEx
GetAcceptExSockaddrs

Exports

Exports

PluginRegisterCallbacks
VncStartServer
VncStopServer

Sections

.text
Size: 275KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a072f1c94318919296942cfa2776d23a

Headers

File Characteristics

Imports

Exports

Exports

Sections

.text Size: 275KB - Virtual size: 274KB

.rdata Size: 45KB - Virtual size: 45KB

.data Size: 26KB - Virtual size: 31KB

.pdata Size: 7KB - Virtual size: 6KB

.bss Size: 18KB - Virtual size: 18KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 275KB - Virtual size: 274KB

.rdata
Size: 45KB - Virtual size: 45KB

.data
Size: 26KB - Virtual size: 31KB

.pdata
Size: 7KB - Virtual size: 6KB

.bss
Size: 18KB - Virtual size: 18KB

.reloc
Size: 4KB - Virtual size: 4KB