ff17e08fc92c834b3f7726ab55c2c303c8d0199fad9941b34f32f7b388061555

Sharing

Copy URL Twitter E-mail

General

Target

ff17e08fc92c834b3f7726ab55c2c303c8d0199fad9941b34f32f7b388061555
Size

1.2MB
MD5

39c63089bb34997bc9c22e9d5f9c9cce
SHA1

c18d06f4363ae04dac0175a6f5238d244fd797a0
SHA256

ff17e08fc92c834b3f7726ab55c2c303c8d0199fad9941b34f32f7b388061555
SHA512

171789ed99339eddc064b8c7dddbc9ba95cbbf1e9fb154ae44a78fe061983f97e5e1b7d9d05611763dcc947a284228c0cb9443c45fbf0cfbeaadaf048bcafd84
SSDEEP

24576:bLFVxDY9+oVsCUV+yhlavQfVRVag8maRoSnI4t2:zxDY9VVLo+ymvQfVRVV5BSpM

Score

N/A

Malware Config

Signatures

Files

ff17e08fc92c834b3f7726ab55c2c303c8d0199fad9941b34f32f7b388061555
.exe windows x86

5a87b598d6451207cdf7fb5beb0a0803

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SystemTimeToFileTime
CreateEventA
SetEvent
GetComputerNameA
SetConsoleCtrlHandler
OutputDebugStringA
GetCommandLineW
GetCurrentThread
GetEnvironmentVariableA
Beep
DuplicateHandle
GetPriorityClass
GetVersionExA
CreateNamedPipeA
GetFileType
PeekNamedPipe
SetConsoleTitleA
FillConsoleOutputAttribute
GetModuleFileNameA
QueryPerformanceCounter
QueryPerformanceFrequency
GetExitCodeThread
WideCharToMultiByte
IsDBCSLeadByteEx
InterlockedExchange
GetModuleHandleA
DeleteCriticalSection
CloseHandle
CreatePipe
CreateProcessW
RaiseException
GetEnvironmentStringsW
GetLastError
ReadFile
ResumeThread
Sleep
WaitForSingleObject
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetStdHandle
RtlUnwind
UnhandledExceptionFilter
WriteFile
CreateThread
ExitProcess
FreeLibrary
GetCommandLineA
GetLocaleInfoA
GetStartupInfoA
GetThreadLocale
MultiByteToWideChar
InterlockedIncrement
LocalAlloc
LocalFree
VirtualAlloc
VirtualFree
InitializeCriticalSection
LeaveCriticalSection
InterlockedDecrement
GetConsoleScreenBufferInfo
ReadConsoleA
ReadConsoleW
FillConsoleOutputCharacterA
DisableThreadLibraryCalls
EnterCriticalSection

advapi32

RegOpenKeyExA
RegQueryValueExA
RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

SysAllocStringLen

msvcrt

memset
strncat
isspace
printf
free
wcsstr
tolower
fgetwc
rewind
strtoul
wcslen
strstr
strrchr
_getch
strcat
realloc
qsort
memmove
memcmp
malloc
localeconv
getenv
ftell
fseek
fread
fputc
fopen
fclose
atol
strncmp

rpcrt4

RpcRaiseException

Sections

.text
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a87b598d6451207cdf7fb5beb0a0803

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

oleaut32

msvcrt

rpcrt4

Sections

.text Size: 180KB - Virtual size: 176KB

.idata Size: 4KB - Virtual size: 3KB

.rdata Size: 52KB - Virtual size: 48KB

.data Size: 92KB - Virtual size: 2.6MB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 180KB - Virtual size: 176KB

.idata
Size: 4KB - Virtual size: 3KB

.rdata
Size: 52KB - Virtual size: 48KB

.data
Size: 92KB - Virtual size: 2.6MB

.rsrc
Size: 8KB - Virtual size: 5KB