f799d4469558864df768573912b3bfb22e110e5c85880d4aca5b3dcc7ab31609

Sharing

Copy URL

Twitter E-mail

General

Target

f799d4469558864df768573912b3bfb22e110e5c85880d4aca5b3dcc7ab31609
Size

84KB
MD5

5fe06b9db2e3734cc4659823ea8d6621
SHA1

778fc46f4ea8dc54f248a6532ddb33cb7f16e795
SHA256

f799d4469558864df768573912b3bfb22e110e5c85880d4aca5b3dcc7ab31609
SHA512

76049c0fd3889f31f0dbd4f8d56be06a7dc865b0ef3ab57ca32086d2a0e01494ccc829ee93e8504a583c4eca35f6cc2ee202d7e1e141db20847c5cb5fed686ae
SSDEEP

768:w4HZYcwZ1aCrnZJY6c96vi79xRkNiQNlfPnw4abyxIwQW10oIxE08o4tDGkCT93s:XUrnzj019zkNT3qyGW10NKo4tDGkQiz

Score

N/A

Malware Config

Signatures

Files

f799d4469558864df768573912b3bfb22e110e5c85880d4aca5b3dcc7ab31609
.exe windows x86

f219cd58bf0ced96aa9dd93360d9759a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalShrink
CreateFileMappingW
ReleaseSemaphore
ConvertThreadToFiber
SetPriorityClass
ContinueDebugEvent
GetNamedPipeHandleStateW
GetThreadPriority
EncodeSystemPointer
GetCommandLineW
GetCommandLineA
GlobalUnfix
IsSystemResumeAutomatic
GlobalUnWire
GetStdHandle
CreateFiberEx
QueryMemoryResourceNotification
SetFileApisToANSI
CreateNamedPipeW
GetDevicePowerState
GetFileInformationByHandle
GetEnvironmentStringsW
GetLastError
MulDiv
CreateMemoryResourceNotification
EraseTape
RtlCaptureStackBackTrace
IsWow64Process
GetMailslotInfo
FreeEnvironmentStringsW
GetThreadContext
GetCommMask
SetSystemPowerState
TransmitCommChar
LocalCompact
SetProcessWorkingSetSize
GlobalCompact
SetLastError
ConvertFiberToThread
CancelIo
ReplaceFileA
GetModuleFileNameW
GetCommTimeouts
FindNextChangeNotification
CreateIoCompletionPort
GlobalUnlock
FreeUserPhysicalPages
GetFileTime
CreateTimerQueue
GetCurrentProcessId
SetMessageWaitingIndicator
GetProcessHeap
GlobalDeleteAtom
GetTapeStatus
DisableThreadLibraryCalls
FreeEnvironmentStringsA
GetAtomNameW
SetSystemTimeAdjustment
UnlockFileEx
GetProcessVersion
HeapAlloc
InterlockedDecrement
GetCPInfo
GetVersionExA
GetStartupInfoA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapFree
VirtualFree
VirtualAlloc
HeapReAlloc
HeapDestroy
HeapCreate
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetModuleFileNameA
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedIncrement
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
SetUnhandledExceptionFilter
GetEnvironmentStrings
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSection
OutputDebugStringA
RtlUnwind
LoadLibraryExA
GetACP
GetOEMCP
GetLocaleInfoA
VirtualProtect
GetSystemInfo
VirtualQuery
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
Sleep

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f219cd58bf0ced96aa9dd93360d9759a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 42KB - Virtual size: 41KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 26KB - Virtual size: 25KB

.text
Size: 42KB - Virtual size: 41KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 26KB - Virtual size: 25KB