abbaae52025fb86a8d6e80a9bc3a6babd041827b91badeaa64959ecda7bb1fc5

Sharing

Copy URL Twitter E-mail

General

Target

abbaae52025fb86a8d6e80a9bc3a6babd041827b91badeaa64959ecda7bb1fc5
Size

4.5MB
MD5

d42f11604bd0f9145c328331076746b2
SHA1

0066e37d176c062a0e1cde3ceeca338a801d7a43
SHA256

abbaae52025fb86a8d6e80a9bc3a6babd041827b91badeaa64959ecda7bb1fc5
SHA512

58b76532a2c998eaaafe5f788a7ba0038606e9b52d693e246a20abae769bbf7eb56bd6649bbd8be0cf336e308364446b1016b35e150489da56c9148f61c034fe
SSDEEP

98304:N/rG6kdEky4GD+xRxrA9S+YkI17wMjRbPeJgmAzo3YYXn:d8EkX9sKk2sMjdPeJg/ooA

Score

N/A

Malware Config

Signatures

Files

abbaae52025fb86a8d6e80a9bc3a6babd041827b91badeaa64959ecda7bb1fc5
.exe windows x64

376ba0e4b2c13bb7e4cd4e74ebb7081f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ws2_32

getsockopt

psapi

GetProcessMemoryInfo

iphlpapi

GetAdaptersAddresses

userenv

GetUserProfileDirectoryW

crypt32

CertDuplicateCertificateContext

kernel32

GetVersionExA
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

DispatchMessageA
GetProcessWindowStation
GetUserObjectInformationW

shell32

SHGetSpecialFolderPathA

advapi32

OpenProcessToken

msvcp140

?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z

bcrypt

BCryptGenRandom

vcruntime140

__current_exception_context

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_register_onexit_function

api-ms-win-crt-math-l1-1-0

_fdsign

api-ms-win-crt-heap-l1-1-0

malloc

api-ms-win-crt-string-l1-1-0

wcslen

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsscanf

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-time-l1-1-0

_localtime64_s

api-ms-win-crt-convert-l1-1-0

_strtoui64

api-ms-win-crt-utility-l1-1-0

_rotr64

api-ms-win-crt-filesystem-l1-1-0

_fstat64i32

Sections

.text
Size: - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RANDOMX
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_SHA3_25
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT_CN
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT_CN
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.jkcixus
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.jkcixus
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 469B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

376ba0e4b2c13bb7e4cd4e74ebb7081f

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

psapi

iphlpapi

userenv

crypt32

kernel32

user32

shell32

advapi32

msvcp140

bcrypt

vcruntime140

vcruntime140_1

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

Sections

.text Size: - Virtual size: 2.5MB

.rdata Size: - Virtual size: 1.1MB

.data Size: - Virtual size: 3.2MB

.pdata Size: - Virtual size: 108KB

_RANDOMX Size: - Virtual size: 2KB

_SHA3_25 Size: - Virtual size: 2KB

_TEXT_CN Size: - Virtual size: 6KB

_TEXT_CN Size: - Virtual size: 4KB

.jkcixus Size: - Virtual size: 1.5MB

.jkcixus Size: 4.5MB - Virtual size: 4.5MB

.reloc Size: 512B - Virtual size: 224B

.rsrc Size: 512B - Virtual size: 469B

.text
Size: - Virtual size: 2.5MB

.rdata
Size: - Virtual size: 1.1MB

.data
Size: - Virtual size: 3.2MB

.pdata
Size: - Virtual size: 108KB

_RANDOMX
Size: - Virtual size: 2KB

_SHA3_25
Size: - Virtual size: 2KB

_TEXT_CN
Size: - Virtual size: 6KB

_TEXT_CN
Size: - Virtual size: 4KB

.jkcixus
Size: - Virtual size: 1.5MB

.jkcixus
Size: 4.5MB - Virtual size: 4.5MB

.reloc
Size: 512B - Virtual size: 224B

.rsrc
Size: 512B - Virtual size: 469B