475787e63e3af420902d22dcbfabcea13d5d12cd52ce754607ab15a35853ec08

Sharing

Copy URL Twitter E-mail

General

Target

475787e63e3af420902d22dcbfabcea13d5d12cd52ce754607ab15a35853ec08
Size

294KB
MD5

0f5d9f19168e977c5084b3f8ed640f30
SHA1

b2d39f8579cdf095e25e8e397c732ed0ca6a377f
SHA256

475787e63e3af420902d22dcbfabcea13d5d12cd52ce754607ab15a35853ec08
SHA512

f1ff8b32b5a62550cf7b51ede16c797ddf68a31fb71215830837c82e35e4a605272b7353b9df77206bca589a5428c88eecc171bab2b1e66710bcb701bd31cc81
SSDEEP

6144:8SPNWCfZzqldzHEj3T6r9MrFMyxCNdXC/98JC9OUUquDyZFn2SrknwVoKgumGhkw:LmkjT6r9MrFMyxMdids1KV2SzoNoh

Score

N/A

Malware Config

Signatures

Files

475787e63e3af420902d22dcbfabcea13d5d12cd52ce754607ab15a35853ec08
.exe windows x86

6ba659a76e9f738d221e452fd95d9493

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
Sleep
lstrcmpiW
GetCurrentThreadId
GetCurrentProcessId
GetComputerNameW
SetThreadUILanguage
RegisterApplicationRestart
GetConsoleMode
GetStdHandle
GetLastError
GetLocalTime
GetFileType
SetConsoleCtrlHandler
HeapSetInformation
GetModuleHandleW
WriteFile
FormatMessageW
WriteConsoleW
LocalAlloc
LocalFree
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetModuleHandleA
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTickCount

msvcrt

_exit
_cexit
__p__fmode
__setusermatherr
_initterm
?terminate@@YAXXZ
__set_app_type
_except_handler4_common
memcpy
__wgetmainargs
_amsg_exit
__p__commode
_wtoi
exit
fclose
_iob
setlocale
setvbuf
_controlfp
_wfopen
_wcsicmp
_vsnprintf
fprintf
_wtol
_vsnwprintf
fgetwc
_wcsnicmp
_XcptFilter
memset

ntdll

RtlIpv6AddressToStringExW

ole32

CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoUninitialize

user32

LoadStringW

ws2_32

htons
WSAStartup
WSAAddressToStringW
WSACleanup

Exports

Exports

??0CDrCallTracer@@QAE@KQBD0PBJ@Z
??1CDrCallTracer@@QAE@XZ
?LogMessage@CDrCallTracer@@QAAXKPADZZ

Sections

.text
Size: 245KB - Virtual size: 245KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fdstxiy
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6ba659a76e9f738d221e452fd95d9493

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ntdll

ole32

user32

ws2_32

Exports

Exports

Sections

.text Size: 245KB - Virtual size: 245KB

.data Size: 2KB - Virtual size: 5KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 41KB - Virtual size: 42KB

fdstxiy Size: - Virtual size: 4KB

.text
Size: 245KB - Virtual size: 245KB

.data
Size: 2KB - Virtual size: 5KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 41KB - Virtual size: 42KB

fdstxiy
Size: - Virtual size: 4KB