214e18886bbbcfa632c6540c9784fe8dec33c54af5b611305fca21335764bb27

Sharing

Copy URL

Twitter E-mail

General

Target

214e18886bbbcfa632c6540c9784fe8dec33c54af5b611305fca21335764bb27
Size

153KB
MD5

194a73421429fd36d5098d769ab188a5
SHA1

65ce1db9b87ec1bb397954a86573b1b3122610a0
SHA256

214e18886bbbcfa632c6540c9784fe8dec33c54af5b611305fca21335764bb27
SHA512

a2d37ddc28a55ad0b8098e6349f6a47e1dafa0caa65b5f63c85960bb3aae40fc18e7b8fa341fe42e734977a1053e4aff34f3f468112b9e66dd4e80e45f2ce282
SSDEEP

3072:yLeb8xG4IRYt1kkseGylMuBxnCZBhTqhSWim55wUH:yLe54IRYtmkseBW8gZnqQMRH

Score

N/A

Malware Config

Signatures

Files

214e18886bbbcfa632c6540c9784fe8dec33c54af5b611305fca21335764bb27
.exe windows x86

56eb2b1178ed5956f84e7e2eb278fd1c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
WritePrivateProfileStructA
SetLocalTime
FreeLibrary
CallNamedPipeA
SetUnhandledExceptionFilter
InterlockedIncrement
ReadConsoleA
SetEnvironmentVariableW
GetNamedPipeHandleStateA
WaitForSingleObject
OpenSemaphoreA
ConnectNamedPipe
GetModuleHandleW
FindNextVolumeMountPointA
SetCommState
SetProcessPriorityBoost
GetPriorityClass
GlobalAlloc
LoadLibraryW
LocalShrink
Sleep
CopyFileW
SizeofResource
SetConsoleMode
GetFileAttributesW
SetSystemPowerState
SetFilePointer
IsDBCSLeadByte
lstrcatA
ExitThread
lstrlenW
DeactivateActCtx
CreateJobObjectA
VerifyVersionInfoW
GetLastError
SetLastError
GetProcAddress
ReadFileEx
SetStdHandle
GetConsoleDisplayMode
SearchPathA
BuildCommDCBAndTimeoutsW
SetFileApisToANSI
GetPrivateProfileStructA
GetTapeParameters
GetOEMCP
EnumResourceNamesA
RequestWakeupLatency
GetCurrentDirectoryA
FindAtomW
LocalFree
GetProfileSectionW
lstrcpyA
IsBadWritePtr
SetDefaultCommConfigA
HeapReAlloc
HeapAlloc
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapCreate
VirtualFree
HeapFree
VirtualAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
ExitProcess
WriteFile
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
RtlUnwind
LoadLibraryA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
FlushFileBuffers
HeapSize
CreateFileA
CloseHandle
GetModuleHandleA
RaiseException

advapi32

IsTextUnicode

Exports

Exports

_alendelon@0
_gekkon@4
_gifgeek@8
_odekolon@4

Sections

.text
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56eb2b1178ed5956f84e7e2eb278fd1c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 123KB - Virtual size: 123KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 4.6MB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 123KB - Virtual size: 123KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 4.6MB

.rsrc
Size: 10KB - Virtual size: 9KB