e2ba4bea88a509b251fe72d0a44e8000e531f07920f463d2e4daba1612aa9234

Sharing

Copy URL Twitter E-mail

General

Target

e2ba4bea88a509b251fe72d0a44e8000e531f07920f463d2e4daba1612aa9234
Size

363KB
MD5

04ed8891b16780a9e05efb42452ef5e0
SHA1

079e27dc85110674bed37edf8b3a5867e7021756
SHA256

e2ba4bea88a509b251fe72d0a44e8000e531f07920f463d2e4daba1612aa9234
SHA512

c63ac7c7b94e1b8eef0ab4aadff7d51aaa00ab4dae2faa6a8c7c4964f8815636cec9a8a66f61605b67550ae259566a4254492508e92b701583f6bd26f1596c8e
SSDEEP

6144:9zm9oXd3vhz5nROzsOgUh0A68hRgI2aEHNMiniAjqNaJDQBXIuJhiXLuzOiKMH5e:JlXd3vbSiAfaNgKgJhiX6OilH51w3

Score

N/A

Malware Config

Signatures

Files

e2ba4bea88a509b251fe72d0a44e8000e531f07920f463d2e4daba1612aa9234
.exe windows x64

7da420c529210a2bdac57f7a38a3d48e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcr100_clr0400

?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__crt_debugger_hook
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_cexit
_ismbblead
_exit
_XcptFilter
__C_specific_handler
__getmainargs
_amsg_exit
free
malloc
_vsnprintf
wcscat_s
towupper
_vsnwprintf_s
_vsnprintf_s
strncmp
strcpy_s
wcsncmp
wcstoul
_errno
wcscpy_s
_purecall
memmove
wcsncpy_s
_wcsicmp
memcpy
__CxxFrameHandler3
memset
_CxxThrowException

advapi32

TraceEvent
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
DuplicateTokenEx
SetTokenInformation
RegQueryInfoKeyW

kernel32

HeapValidate
HeapDestroy
HeapCreate
VirtualProtect
VirtualQuery
VirtualFree
VirtualAlloc
SleepEx
ReleaseMutex
CreateMutexW
HeapFree
GetProcessHeap
HeapAlloc
TlsFree
TlsAlloc
TlsSetValue
ReleaseSemaphore
CreateSemaphoreW
ResetEvent
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
Sleep
GetStartupInfoW
SetUnhandledExceptionFilter
GetTickCount
GetCurrentProcessId
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
GetCPInfo
GetProcAddress
GetCommandLineW
GetCurrentProcess
SetEnvironmentVariableW
SetEvent
OutputDebugStringW
OpenProcess
LoadLibraryW
GetFileAttributesW
TerminateProcess
GetModuleFileNameW
GetLastError
CreateEventW
WaitForMultipleObjects
IsDebuggerPresent
OpenEventW
CloseHandle
GetWindowsDirectoryW
DebugBreak
CreateThread
TlsGetValue
FreeLibrary
SetLastError
LoadLibraryExW
RaiseException
LocalFree
GetACP
QueryPerformanceCounter
MultiByteToWideChar
WideCharToMultiByte
FormatMessageW
GetEnvironmentVariableW
lstrlenW
FindClose
FindFirstFileW
CreateFileW
WaitForSingleObject
HeapSetInformation
GetCurrentThreadId

user32

DispatchMessageW
LoadStringW
MsgWaitForMultipleObjectsEx
PeekMessageW
MessageBoxW

mscoree

GetRequestedRuntimeInfo

ole32

CoAddRefServerProcess
CoUninitialize
CoReleaseServerProcess
CoRevokeClassObject
CoRegisterClassObject
CoInitializeEx

oleaut32

SetErrorInfo
SysStringLen

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 236KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7da420c529210a2bdac57f7a38a3d48e

Headers

DLL Characteristics

File Characteristics

Imports

msvcr100_clr0400

advapi32

kernel32

user32

mscoree

ole32

oleaut32

Sections

.text Size: 57KB - Virtual size: 56KB

.rdata Size: 42KB - Virtual size: 42KB

.data Size: 22KB - Virtual size: 26KB

.pdata Size: 3KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 236KB - Virtual size: 460KB

.text
Size: 57KB - Virtual size: 56KB

.rdata
Size: 42KB - Virtual size: 42KB

.data
Size: 22KB - Virtual size: 26KB

.pdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 236KB - Virtual size: 460KB