a9e6db79464d9992a31482f0cf46b96a2646bcac70545692fb1e7fd703624486

Sharing

Copy URL

Twitter E-mail

General

Target

a9e6db79464d9992a31482f0cf46b96a2646bcac70545692fb1e7fd703624486
Size

358KB
MD5

d0cb1bcecc615db6be72c5c68576932e
SHA1

c127d890420d9205d3426d3edb5746678d0047cd
SHA256

a9e6db79464d9992a31482f0cf46b96a2646bcac70545692fb1e7fd703624486
SHA512

38e7df8234ceab44dd77b322526e23174cb69f54dc0eb4c547747ad25f833197cd815609780b5cac0993892a6793564a1ea1daf4c1e57896fe0b714f963e57ca
SSDEEP

6144:WYHpe4aM7iXeBPcnRE9LxiLAW+fDqRWrmzuOlHJvXwyCTlOp2K:WL4f2OBPce9LxiT0W8SrpvXwyCTl

Score

N/A

Malware Config

Signatures

Files

a9e6db79464d9992a31482f0cf46b96a2646bcac70545692fb1e7fd703624486
.exe windows x86

c5661b76d432ff6c806e9bd2f269395c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToDosDateTime
TerminateProcess
ReleaseActCtx
GetConsoleAliasesLengthA
GetVersionExA
GetConsoleOutputCP
GetDefaultCommConfigW
SetCommConfig
GetDriveTypeA
FreeEnvironmentStringsA
CreateTimerQueue
FindNextVolumeW
InitializeCriticalSectionAndSpinCount
ReadConsoleInputA
TlsGetValue
SetComputerNameExA
FindAtomA
BuildCommDCBAndTimeoutsA
LoadLibraryA
GlobalAlloc
InitializeCriticalSection
GetCommandLineW
InterlockedIncrement
CopyFileA
ZombifyActCtx
OutputDebugStringW
FormatMessageA
GetPriorityClass
WritePrivateProfileStringA
ExitThread
GlobalUnfix
HeapCompact
GetStartupInfoW
CreatePipe
GetCPInfoExW
GetWindowsDirectoryA
GetSystemWow64DirectoryA
WriteProfileSectionW
GetCalendarInfoW
ResumeThread
SetConsoleCursorInfo
SetLastError
ExitProcess
GetSystemTime
GetSystemInfo
EnumCalendarInfoExW
OpenSemaphoreW
DebugActiveProcess
lstrcmpA
GetPrivateProfileSectionNamesA
GetNumberOfConsoleInputEvents
GetProcAddress
GetSystemWindowsDirectoryA
FindCloseChangeNotification
CreateActCtxA
GetPrivateProfileIntW
_lread
InterlockedDecrement
DefineDosDeviceA
SetVolumeMountPointA
EndUpdateResourceW
WriteConsoleA
VirtualProtect
FreeEnvironmentStringsW
GetMailslotInfo
lstrcpyA
VerLanguageNameW
UnlockFile
SetSystemTime
GetFileType
GetConsoleCP
GetConsoleAliasA
GetLargestConsoleWindowSize
GetOverlappedResult
FindAtomW
GetConsoleAliasExesLengthA
WriteConsoleInputA
CreateMailslotA
EnumDateFormatsW
SetCommState
LockFile
_lclose
GetConsoleAliasExesLengthW
ResetWriteWatch
CreateConsoleScreenBuffer
ClearCommBreak
ChangeTimerQueueTimer
HeapSize
GetLastError
MoveFileW
GetConsoleDisplayMode
GetStringTypeA
SetFilePointer
PostQueuedCompletionStatus
SetFileApisToOEM
OpenWaitableTimerW
GetProcessId
GetNamedPipeHandleStateA
FillConsoleOutputCharacterW
FindNextVolumeMountPointA
WriteProfileStringA
GlobalAddAtomA
WriteConsoleOutputCharacterW
QueryInformationJobObject
QueryDosDeviceA
EnterCriticalSection
InitAtomTable
VirtualAlloc
GetBinaryTypeA
DeleteFileA
RaiseException
HeapValidate
IsBadReadPtr
DeleteCriticalSection
LeaveCriticalSection
GetModuleFileNameW
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
Sleep
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
SetHandleCount
GetStdHandle
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapFree
VirtualFree
GetModuleFileNameA
WriteFile
HeapAlloc
HeapReAlloc
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
RtlUnwind
DebugBreak
OutputDebugStringA
WriteConsoleW
LoadLibraryW
WideCharToMultiByte
GetConsoleMode
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeW
GetLocaleInfoA
FlushFileBuffers
SetStdHandle
CloseHandle
CreateFileA

user32

OemToCharA

winhttp

WinHttpReadData

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reyanu
Size: 512B - Virtual size: 5B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5661b76d432ff6c806e9bd2f269395c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

winhttp

Sections

.text Size: 152KB - Virtual size: 152KB

.data Size: 157KB - Virtual size: 310KB

.reyanu Size: 512B - Virtual size: 5B

.rsrc Size: 33KB - Virtual size: 32KB

.reloc Size: 14KB - Virtual size: 14KB

.text
Size: 152KB - Virtual size: 152KB

.data
Size: 157KB - Virtual size: 310KB

.reyanu
Size: 512B - Virtual size: 5B

.rsrc
Size: 33KB - Virtual size: 32KB

.reloc
Size: 14KB - Virtual size: 14KB