a6b445f4464972dddd312e323950626a5a53b1c69107d42990d9734e3cb98e53

Sharing

Copy URL Twitter E-mail

General

Target

a6b445f4464972dddd312e323950626a5a53b1c69107d42990d9734e3cb98e53
Size

1.6MB
MD5

b175b743dca3ea2d707f9f23a04164e0
SHA1

b71de39ac0911d245bc163bc2388ec49ab8dd2d8
SHA256

a6b445f4464972dddd312e323950626a5a53b1c69107d42990d9734e3cb98e53
SHA512

fee599b4ab2bf0b59bd2f23989a563d8fefa36fca873a3131c547dd0e655fb803cfc25cc9c8fba1d391aef07a92c2976a53759e35e986bf1aa39ee145b786ad3
SSDEEP

12288:MbT6ZYJNfY5+IByybXKuLMrjJEMeGh/TFreT4PIxDJQGfs:XZQjEXbX34rjJEc7FHPoqx

Score

N/A

Malware Config

Signatures

Files

a6b445f4464972dddd312e323950626a5a53b1c69107d42990d9734e3cb98e53
.exe windows x86

c37f22b849f49a561bd66086a8af6ee4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateNamedPipeA
CreateWaitableTimerW
OpenEventA
FlushConsoleInputBuffer
OpenWaitableTimerW
SetNamedPipeHandleState
SetPriorityClass
OpenMutexW
FindFirstFileExA
GetUserDefaultLCID
SetConsoleOutputCP
Module32NextW
ContinueDebugEvent
GetLongPathNameA
CreateSemaphoreA
ReleaseMutex
GetCurrencyFormatA
GetMailslotInfo
TlsSetValue
GetFullPathNameA
Module32FirstW
IsValidLocale
GetFileSizeEx
OutputDebugStringW
CreateProcessA
GetDiskFreeSpaceExW
GetNumberFormatA
WideCharToMultiByte
DnsHostnameToComputerNameW
LocalFileTimeToFileTime
AddAtomW
SearchPathW
SetFileTime
GetCommandLineA
GetSystemDefaultLCID
CreateFileMappingA
ReadProcessMemory
GlobalAddAtomW
SearchPathA
CreateTapePartition
EraseTape
GetUserDefaultUILanguage
CreateWaitableTimerA
GetPrivateProfileStringW
SetConsoleMode
SetMailslotInfo
GetQueuedCompletionStatus
RegisterWaitForSingleObject
GetSystemDirectoryW
VirtualQuery
FreeEnvironmentStringsW
OpenEventW
CreateHardLinkA
GetTimeZoneInformation
UnregisterWait
DeviceIoControl
CreateMailslotA
WriteConsoleA
GlobalLock
DeleteAtom
VirtualAlloc
GetModuleHandleA
GetVersionExA
ExitProcess
GetProcAddress
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsFree
SetLastError
GetCurrentThreadId
TlsGetValue
TlsAlloc
HeapDestroy
HeapCreate
VirtualFree
HeapFree
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
HeapAlloc
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
HeapReAlloc
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
RtlUnwind
VirtualProtect
GetSystemInfo

user32

GetAltTabInfoA

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c37f22b849f49a561bd66086a8af6ee4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 44KB - Virtual size: 44KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 44KB - Virtual size: 44KB