76a1b6ef5199f24cda81d9f7bb3ab3393e2ad699f5a48960f9515257bab4e6e3

Sharing

Copy URL

Twitter E-mail

General

Target

76a1b6ef5199f24cda81d9f7bb3ab3393e2ad699f5a48960f9515257bab4e6e3
Size

322KB
MD5

2cf28728954c08ba53d1f63599d02630
SHA1

ee3c89eaa49dceb7e6133f2d3f7c1c3b503d3869
SHA256

76a1b6ef5199f24cda81d9f7bb3ab3393e2ad699f5a48960f9515257bab4e6e3
SHA512

133f16907ecbb52e604bd3b7cebfe27f2cb6dd2b724d587b6127fccd18d04d1da51086625be67e4a6a274b5424a21dd25edcba7e9403cd71b349be30bdeb333f
SSDEEP

6144:qmRQyjGNnZKkoTTOlGFom3ZAS3OFoDxfsPNGX8GDVWJuYFhTNF:qbNZxoTSwFom3GS3ZdsPQXpVBgj

Score

N/A

Malware Config

Signatures

Files

76a1b6ef5199f24cda81d9f7bb3ab3393e2ad699f5a48960f9515257bab4e6e3
.exe windows x86

4e0a2bf6b9ac400eb30f3eac2360c586

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

InitializeProcessForWsWatch
GetWsChanges
GetProcessImageFileNameW
GetPerformanceInfo
GetDeviceDriverFileNameW
GetDeviceDriverBaseNameW
EnumProcesses
EnumPageFilesW
EnumDeviceDrivers
EmptyWorkingSet
GetProcessMemoryInfo

winscard

SCardGetStatusChangeW
SCardIntroduceReaderGroupW
SCardIsValidContext
SCardListReaderGroupsW
SCardListReadersW
SCardGetAttrib
SCardLocateCardsByATRW
SCardReleaseStartedEvent
SCardRemoveReaderFromGroupW
SCardState
SCardStatusW
SCardTransmit
SCardForgetReaderGroupW
SCardForgetReaderW
SCardEstablishContext
SCardEndTransaction
SCardDisconnect
SCardControl
SCardConnectW
SCardCancel
SCardLocateCardsA

sfc

SfcIsFileProtected

kernel32

IsDebuggerPresent
SetEnvironmentVariableA
CompareStringW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
HeapSize
RtlUnwind
GetLocaleInfoW
InterlockedExchange
FreeLibrary
SetConsoleCtrlHandler
GetStringTypeW
LCMapStringW
HeapReAlloc
IsProcessorFeaturePresent
EnterCriticalSection
FatalAppExitA
LeaveCriticalSection
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapDestroy
HeapCreate
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
MultiByteToWideChar
SetErrorMode
GlobalFree
GlobalAlloc
QueryPerformanceFrequency
GlobalUnlock
SetEvent
GetCurrentProcess
LoadLibraryW
CreateProcessW
SetFileAttributesW
SetTapeParameters
VirtualProtect
GetSystemInfo
HeapAlloc
GetProcessHeap
GetSystemTimeAsFileTime
GetTimeFormatW
GetDateFormatW
GetCommandLineW
HeapSetInformation
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
EncodePointer
DecodePointer
TerminateProcess
WideCharToMultiByte
GetTimeZoneInformation
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
GetCurrentThread
GetProcAddress
HeapFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage

Sections

.text
Size: 257KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4e0a2bf6b9ac400eb30f3eac2360c586

Headers

DLL Characteristics

File Characteristics

Imports

psapi

winscard

sfc

kernel32

Sections

.text Size: 257KB - Virtual size: 257KB

.rdata Size: 45KB - Virtual size: 44KB

.data Size: 19KB - Virtual size: 246KB

.text
Size: 257KB - Virtual size: 257KB

.rdata
Size: 45KB - Virtual size: 44KB

.data
Size: 19KB - Virtual size: 246KB