17202a9f89f648fed42df3173dcbfc0250d774e8344c647200fd7324c2f68a1e

Sharing

Copy URL

Twitter E-mail

General

Target

17202a9f89f648fed42df3173dcbfc0250d774e8344c647200fd7324c2f68a1e
Size

307KB
MD5

ce56fcdcf4ec398b1f813a044af5021b
SHA1

2157b7cc5ff971f61e69fd41b9e14eda88eba404
SHA256

17202a9f89f648fed42df3173dcbfc0250d774e8344c647200fd7324c2f68a1e
SHA512

d59be89eca649ba7ed460324c6817c443d1c0bc7c33d42e5b62a69c10718498af2c6affe0078e7fb052feab40db028802329352ce712c962d771ea3177f510c3
SSDEEP

6144:zsXjQ+kjDUWmFo89Z9uxWzHDYLZJiXJ9LKKTiRAowCt2Vv9SdaD:oXE+YIeEjDiWL4bt2fSK

Score

N/A

Malware Config

Signatures

Files

17202a9f89f648fed42df3173dcbfc0250d774e8344c647200fd7324c2f68a1e
.exe windows x86

b616d32d11ba738730ae899e468d634e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
GetModuleHandleW
GetOEMCP
WriteFile
lstrlenW
TerminateProcess
MultiByteToWideChar
FormatMessageW
GetConsoleOutputCP
FindClose
LCMapStringW
LeaveCriticalSection
GetVersionExW
SetEnvironmentVariableA
FreeLibrary
CreateMutexW
CompareStringA
TlsSetValue
DeleteCriticalSection
GetFileSize
EnterCriticalSection
SetStdHandle
InterlockedDecrement
lstrlenA
GetACP
LockResource
CreateEventA
HeapDestroy
GetCommandLineW
GetVersionExA
GetTimeZoneInformation
IsValidCodePage
SizeofResource
HeapReAlloc
GetCommandLineA
GlobalAlloc
TlsAlloc
GetSystemInfo
FileTimeToLocalFileTime
RaiseException
GetFileAttributesA
GetStringTypeW
SetHandleCount
CreateEventW
GetModuleHandleA
SetFilePointer
TlsGetValue
Sleep
GetExitCodeProcess
WaitForSingleObject
CreateFileW
SetEvent
LoadLibraryA
CreateThread
CloseHandle
GetModuleFileNameW
LCMapStringA
SetFilePointerEx
GetModuleFileNameA
GlobalFree
FileTimeToSystemTime
InterlockedExchangeAdd
FreeEnvironmentStringsW
LocalAlloc
ResetEvent
CreateFileMappingA
GetStdHandle
WideCharToMultiByte
GetEnvironmentStrings
GetTickCount
GetCurrentProcessId
GetProcessHeap
VirtualAlloc
GetEnvironmentStringsW
InterlockedCompareExchange
HeapFree
HeapAlloc
GetStartupInfoA
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
ExitProcess
FreeEnvironmentStringsA
GetLastError
GetFileType
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetCurrentThread
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
FatalAppExitA
SetConsoleCtrlHandler
InitializeCriticalSection
GetCPInfo
RtlUnwind
HeapSize
GetLocaleInfoA
GetLocaleInfoW
GetStringTypeA
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
CompareStringW

ole32

OleGetClipboard

advapi32

DeregisterEventSource
CryptAcquireContextW
RevertToSelf
RegQueryInfoKeyW
AllocateAndInitializeSid
RegQueryValueExW
CloseServiceHandle
RegCreateKeyExA
RegEnumValueA
InitializeAcl
OpenProcessToken
OpenThreadToken
RegCreateKeyExW
RegEnumValueW
RegDeleteValueW
CryptAcquireContextA
AddAccessAllowedAceEx
RegEnumKeyExW
RegSetValueExW
AdjustTokenPrivileges
FreeSid
CryptGenRandom
QueryServiceStatus
RegDeleteKeyW
RegDeleteValueA
LookupPrivilegeValueA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
CryptReleaseContext
AddAccessAllowedAce
OpenServiceW
GetLengthSid
GetTokenInformation
EqualSid
RegDeleteKeyA
RegEnumKeyExA
CryptDestroyHash
RegCloseKey
RegOpenKeyExW

iphlpapi

GetTcpTable

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 213KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b616d32d11ba738730ae899e468d634e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

advapi32

iphlpapi

Sections

.text Size: 71KB - Virtual size: 71KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 213KB - Virtual size: 215KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 71KB - Virtual size: 71KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 213KB - Virtual size: 215KB

.rsrc
Size: 10KB - Virtual size: 9KB