664ce779de579b12f11ed6e4293f6b63[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

664ce779de579b12f11ed6e4293f6b63.exe
Size

332KB
MD5

664ce779de579b12f11ed6e4293f6b63
SHA1

4af3b6f9ab3fef2d00ad055ab82750dd39f83404
SHA256

9eb4c567819158702a3e34623a7d043d48dd5e83628f2f18b46ddbf6a9c1cf43
SHA512

58b5626cdc8f00adfc41a8ceaa9ea1a841c2a7c3350c29a2a0620acc46b7d91df8dc1722e132423896b499be87e1ac5e50cfe6d23793ea9e78008407e2022f7e
SSDEEP

6144:9CMltB7VpK7DcFMr0+E7W148zZ+hp0fBa1Ew:A0t1fK7DfUVXhp0fQ1Ew

Score

N/A

Malware Config

Signatures

Files

664ce779de579b12f11ed6e4293f6b63.exe
.exe windows x86

98234e0f0224f45e67bab62b27cb6624

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleOutputCharacterW
GetStringTypeA
WaitNamedPipeA
SetComputerNameW
CreateHardLinkA
GetFileAttributesExA
GetModuleHandleW
GetTickCount
SetCommState
GetPrivateProfileIntA
SetFileShortNameW
LoadLibraryW
GetFileAttributesA
GetFileAttributesW
WriteConsoleW
GetVolumePathNameA
GetConsoleAliasesW
FillConsoleOutputCharacterA
GetProcAddress
VirtualAlloc
CopyFileA
EnumSystemCodePagesW
LoadLibraryA
GetProcessWorkingSetSize
LocalAlloc
OpenJobObjectW
GetModuleHandleA
CreateMutexA
GetProcessAffinityMask
FindNextFileW
GetVolumeNameForVolumeMountPointW
AddConsoleAliasA
LCMapStringW
GetLastError
GetSystemDefaultLangID
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCommandLineA
GetStartupInfoA
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
HeapAlloc
HeapFree
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetFileType
DeleteCriticalSection
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapSize
RtlUnwind
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
CloseHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
HeapReAlloc
GetConsoleCP
GetConsoleMode
CreateFileA
SetStdHandle
LCMapStringA
MultiByteToWideChar
GetStringTypeW
GetLocaleInfoA
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
SetEndOfFile
GetProcessHeap
ReadFile

advapi32

BackupEventLogW

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 4.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98234e0f0224f45e67bab62b27cb6624

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 73KB - Virtual size: 72KB

.data Size: 100KB - Virtual size: 4.1MB

.rsrc Size: 141KB - Virtual size: 140KB

.reloc Size: 16KB - Virtual size: 16KB

.text
Size: 73KB - Virtual size: 72KB

.data
Size: 100KB - Virtual size: 4.1MB

.rsrc
Size: 141KB - Virtual size: 140KB

.reloc
Size: 16KB - Virtual size: 16KB