ad48e5c62d73af9612a176eb8c63e8f813abb82189962747191da3111527c775

Sharing

Copy URL Twitter E-mail

General

Target

ad48e5c62d73af9612a176eb8c63e8f813abb82189962747191da3111527c775
Size

223KB
MD5

1817ceb87258e823cd1f593a50747fcb
SHA1

872e7c1409e3f25e3feb2fca1a8c32283a1ad2d0
SHA256

ad48e5c62d73af9612a176eb8c63e8f813abb82189962747191da3111527c775
SHA512

0110b982b050eaf36c99a63170ab649c88984bc9319edf064550f66aaaa8459c7d499758df690c72b82d36a20355cec42b3d1cee56605a6ec5e85ff684bba2d6
SSDEEP

3072:/DKHuBgBJ2UUh6I0UY5p+ocDU9cx6K/mV4vJfPeX2h0VFh9sk:uhJ2DbG+o6acwK/mVZDB9sk

Score

N/A

Malware Config

Signatures

Files

ad48e5c62d73af9612a176eb8c63e8f813abb82189962747191da3111527c775
.exe windows x64

4c4d2e2436703d49c3b3c5732e984171

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

api-ms-win-core-namedpipe-l1-1-0

CreatePipe

api-ms-win-core-processenvironment-l1-1-0

GetCommandLineW
GetCommandLineA
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle

api-ms-win-core-synch-l1-1-0

InitializeCriticalSectionAndSpinCount
WaitForSingleObject
EnterCriticalSection
DeleteCriticalSection
LeaveCriticalSection

api-ms-win-core-processthreads-l1-1-0

TlsFree
TlsSetValue
TlsGetValue
ExitProcess
GetExitCodeProcess
TlsAlloc

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-file-l1-1-0

WriteFile
FindClose
FindFirstFileExW
SetFilePointerEx
FindNextFileW
ReadFile
CreateFileW
FlushFileBuffers
GetFileType

api-ms-win-core-localization-l1-2-0

FormatMessageW
GetCPInfo
IsValidCodePage
GetOEMCP
LCMapStringW
GetACP

api-ms-win-core-heap-l1-1-0

HeapFree
GetProcessHeap
HeapSize
HeapReAlloc
HeapAlloc

api-ms-win-core-errorhandling-l1-1-0

RaiseException
GetLastError
SetLastError

api-ms-win-core-console-l2-1-0

SetConsoleTitleW

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleExW
LoadLibraryExW
GetProcAddress
FreeLibrary
GetModuleFileNameW

kernel32

GetCurrentThreadId
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InitializeSListHead
GetSystemTimeAsFileTime
RtlLookupFunctionEntry
GetCurrentProcessId
QueryPerformanceCounter

api-ms-win-core-rtlsupport-l1-1-0

RtlUnwindEx
RtlPcToFileHeader

api-ms-win-core-util-l1-1-0

EncodePointer

api-ms-win-core-string-l1-1-0

GetStringTypeW
CompareStringW
MultiByteToWideChar
WideCharToMultiByte

api-ms-win-core-console-l1-1-0

WriteConsoleW
GetConsoleCP
SetConsoleMode
ReadConsoleInputW
ReadConsoleW
GetConsoleMode

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c4d2e2436703d49c3b3c5732e984171

Headers

DLL Characteristics

File Characteristics

Imports

api-ms-win-core-namedpipe-l1-1-0

api-ms-win-core-processenvironment-l1-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-file-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-console-l2-1-0

api-ms-win-core-libraryloader-l1-2-0

kernel32

api-ms-win-core-rtlsupport-l1-1-0

api-ms-win-core-util-l1-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-console-l1-1-0

Sections

.text Size: 115KB - Virtual size: 114KB

.rdata Size: 46KB - Virtual size: 46KB

.data Size: 3KB - Virtual size: 7KB

.pdata Size: 6KB - Virtual size: 5KB

.rsrc Size: 49KB - Virtual size: 48KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 115KB - Virtual size: 114KB

.rdata
Size: 46KB - Virtual size: 46KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 49KB - Virtual size: 48KB

.reloc
Size: 2KB - Virtual size: 1KB