e61aa6b535dd2a19973906160f98e416dd6826c20c1636ef4a8e6aa745f9bf15

Sharing

Copy URL Twitter E-mail

General

Target

e61aa6b535dd2a19973906160f98e416dd6826c20c1636ef4a8e6aa745f9bf15
Size

1.5MB
MD5

3cbf8b56ee72f9ace72e48830c0ae740
SHA1

23af5dff03f5ca0081441e6368ac3d47d1e4e202
SHA256

e61aa6b535dd2a19973906160f98e416dd6826c20c1636ef4a8e6aa745f9bf15
SHA512

b341a43f35cf45feb93d99530d4e6170741915d42b29345e434e3cc69bb87bb45536eff9c2c16bdf5101994628a93661677da6a0647597b182416d4b8739a361
SSDEEP

24576:THvr58U+TMrAhjH/Avg3S1xU1uiVKBJKgv5ROh41mFcOENq5FBtlLYSz8oc:THt8NbAvRzmKBTKcOEstBvz8t

Score

N/A

Malware Config

Signatures

Files

e61aa6b535dd2a19973906160f98e416dd6826c20c1636ef4a8e6aa745f9bf15
.exe windows x86

4d69a7f434f53fad0ca3e46fe36438ec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DuplicateHandle
GetConsoleAliasExesA
GetLocaleInfoW
FreeUserPhysicalPages
GetFullPathNameA
GetProfileIntW
CreateWaitableTimerA
SetEnvironmentVariableA
OpenEventW
MultiByteToWideChar
CreateToolhelp32Snapshot
GetTimeFormatA
SetCalendarInfoA
Module32NextW
WaitForMultipleObjects
GetCurrentConsoleFont
FindAtomW
CreateJobObjectA
SetProcessAffinityMask
FindAtomA
SetConsoleTextAttribute
GetHandleInformation
DeleteTimerQueueEx
GetProfileStringW
GetCurrentDirectoryA
SetErrorMode
GetFileAttributesExA
CompareStringW
GetPrivateProfileStructA
GetCPInfo
GetPrivateProfileStringW
GetConsoleAliasExesW
EnumCalendarInfoExA
VirtualAlloc
GetTempPathW
FlushInstructionCache
GetFileAttributesA
FreeConsole
DeleteVolumeMountPointA
GetProcessVersion
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
HeapSize
RtlUnwind
HeapReAlloc
HeapAlloc
IsValidCodePage
GetOEMCP
GetACP
InitializeCriticalSectionAndSpinCount
LoadLibraryA
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapFree
VirtualFree
HeapCreate
InterlockedDecrement
GetCurrentThreadId
SetLastError
GetCommandLineA
GetStartupInfoA
SetUnhandledExceptionFilter
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement

rpcrt4

NdrSimpleStructMarshall
NdrConvert
RpcBindingSetOption
RpcObjectSetType
IUnknown_Release_Proxy
RpcEpRegisterA
RpcRaiseException
NdrPointerUnmarshall
RpcErrorSaveErrorInfo
RpcBindingToStringBindingA
RpcAsyncGetCallStatus
NdrConformantArrayBufferSize
UuidIsNil
NdrInterfacePointerUnmarshall
UuidFromStringA
MesDecodeBufferHandleCreate
NdrAsyncClientCall
NdrUserMarshalUnmarshall
NdrPointerBufferSize
RpcServerUseProtseqIfW
NdrInterfacePointerFree
NdrConformantArrayMarshall
RpcServerUnregisterIfEx
UuidFromStringW
RpcServerYield
RpcServerUseProtseqEpExW
RpcBindingFree

user32

MessageBoxA
SetMenu
GetSysColor
LoadAcceleratorsW
OffsetRect
GetKeyState
GetWindowPlacement
UpdateWindow
CreateWindowExW
MapWindowPoints
RegisterClassW
FrameRect
LockWindowUpdate

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 258KB - Virtual size: 493KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.a6k0m
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.n3w
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jdpc
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdoo
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 617KB - Virtual size: 617KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d69a7f434f53fad0ca3e46fe36438ec

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

rpcrt4

user32

Sections

.text Size: 129KB - Virtual size: 129KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 258KB - Virtual size: 493KB

.a6k0m Size: 174KB - Virtual size: 174KB

.n3w Size: 112KB - Virtual size: 111KB

.jdpc Size: 142KB - Virtual size: 142KB

.xdoo Size: 71KB - Virtual size: 71KB

.rsrc Size: 617KB - Virtual size: 617KB

.text
Size: 129KB - Virtual size: 129KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 258KB - Virtual size: 493KB

.a6k0m
Size: 174KB - Virtual size: 174KB

.n3w
Size: 112KB - Virtual size: 111KB

.jdpc
Size: 142KB - Virtual size: 142KB

.xdoo
Size: 71KB - Virtual size: 71KB

.rsrc
Size: 617KB - Virtual size: 617KB