d09775717f0ec8479bcdea873d116aed248f8f9876cc7684919ac009db2b1ef4

Sharing

Copy URL

Twitter E-mail

General

Target

d09775717f0ec8479bcdea873d116aed248f8f9876cc7684919ac009db2b1ef4
Size

65KB
MD5

0c636bee1482eac8f56550c2796bff7e
SHA1

d9bc3721da37865467d7d981b3dba84168f1a089
SHA256

d09775717f0ec8479bcdea873d116aed248f8f9876cc7684919ac009db2b1ef4
SHA512

ac33e629bdf7f1ba8cfb221b7ad009d18dd9339218adae0434bd61a6303432596dcae7a62190763050f36c07837cd4fe73605452272dfaf40a22b80c34076c38
SSDEEP

1536:U8X9CHVJRnu4VvL7aMTkf4/Y1P4zO244V5IC:UD3u4LRQmVV5R

Score

N/A

Malware Config

Signatures

Files

d09775717f0ec8479bcdea873d116aed248f8f9876cc7684919ac009db2b1ef4
.exe windows x86

c5504dfdc66d4b90cfb670a7c26493f8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleW
OutputDebugStringW
GetSystemDirectoryW
SetLastError
GetCurrentProcess
SetFileAttributesW
GetLastError
FormatMessageW
LocalFree
GetLocalTime
GetModuleFileNameW
lstrlenW
DeleteFileW
GetVersionExW
HeapSize
GetProcessHeap
SetEndOfFile
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
HeapFree
CloseHandle
ReadFile
SetFilePointer
RtlUnwind
Sleep
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
FlushFileBuffers
HeapAlloc
VirtualAlloc
HeapReAlloc
CreateFileW
InitializeCriticalSectionAndSpinCount
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CreateFileA

user32

ExitWindowsEx
MessageBoxW
GetDesktopWindow

advapi32

OpenServiceW
CloseServiceHandle
DeleteService
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenSCManagerW

shlwapi

PathAppendW
PathRemoveFileSpecW

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5504dfdc66d4b90cfb670a7c26493f8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 3KB - Virtual size: 3KB