9cec4b54902bc2cb7e92166af821173c3552a015fb0002fe32487a246d324fbf

Sharing

Copy URL Twitter E-mail

General

Target

9cec4b54902bc2cb7e92166af821173c3552a015fb0002fe32487a246d324fbf
Size

5.8MB
MD5

55e9a36a20115d254c9cbadc6dbb55aa
SHA1

c5c623754390a8fc8ff71cf7e1e54e469f7a2c4b
SHA256

9cec4b54902bc2cb7e92166af821173c3552a015fb0002fe32487a246d324fbf
SHA512

98b0a851a8410b7b5151b93bc3a02d24524ab5423b94805a286ed9900766da127d81b7c50633ed6b1791b1d23defe62f57de13438560726f0f119034165479cf
SSDEEP

98304:YiOQeaHmh4f0SGRzCeDtLWzWr0r/S2fM7iOmKECF1ecmdtbtwUujfTVFGQ0in:YiOQ7H0X156aYr/dUiHMN+b6jBFD0W

Score

N/A

Malware Config

Signatures

Files

9cec4b54902bc2cb7e92166af821173c3552a015fb0002fe32487a246d324fbf
.exe windows x86

65d3dd5925f5292f7b5d628543b4c71b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

InitializeCriticalSection
DuplicateHandle
GetLastError
GetTickCount
GetProcAddress
InterlockedCompareExchange
GetCurrentThreadId
SetLastError
GetModuleHandleA
GetCurrentProcess
EnterCriticalSection
GetModuleHandleExW
CreateFileA
GetLocalTime
CreateFileW
LeaveCriticalSection
VirtualProtect
GetCurrentThread
CreateMutexA
CloseHandle
LoadLibraryA
HeapFree
HeapAlloc
GetProcessHeap
GetCurrentProcessId
FileTimeToLocalFileTime
Sleep
VirtualFree
GetVersionExA
VirtualAlloc
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
HeapReAlloc
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
FlushFileBuffers
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetModuleFileNameA
IsProcessorFeaturePresent
RtlUnwind
GetCommandLineA
InterlockedDecrement
ExitProcess
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
HeapSize
RaiseException
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
WideCharToMultiByte
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetStartupInfoW

advapi32

RegOpenKeyExA
RegCreateKeyExW
RegEnumKeyExW
RegEnumKeyExA
RegQueryValueExA
RegQueryValueA
RegQueryInfoKeyA
RegCloseKey
RegOpenKeyA
RegOpenKeyExW

user32

FindWindowA
PeekMessageW
PostQuitMessage
GetCursorPos
RegisterWindowMessageW
SetFocus
DefWindowProcW
SetWindowPos
UpdateWindow
LoadIconW
GetWindowTextW
SetForegroundWindow
DefWindowProcA
CreatePopupMenu
ShowWindow
RegisterWindowMessageA
BringWindowToTop
RegisterClassExA
RedrawWindow
GetMessageA
SendMessageW
DispatchMessageA
TrackPopupMenu
FindWindowW
PostMessageW
DestroyWindow
RegisterClassExW
GetParent

Sections

.text
Size: 464KB - Virtual size: 464KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 364KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65d3dd5925f5292f7b5d628543b4c71b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 464KB - Virtual size: 464KB

.rdata Size: 364KB - Virtual size: 364KB

.data Size: 5.0MB - Virtual size: 5.0MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 28KB - Virtual size: 28KB

.text
Size: 464KB - Virtual size: 464KB

.rdata
Size: 364KB - Virtual size: 364KB

.data
Size: 5.0MB - Virtual size: 5.0MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 28KB - Virtual size: 28KB