20d48d03330fe7f368359d4949eaae8303f7150d4a15fa60155a873cedd34feb

Sharing

Copy URL Twitter E-mail

General

Target

20d48d03330fe7f368359d4949eaae8303f7150d4a15fa60155a873cedd34feb
Size

1.2MB
MD5

f3808c5bdce3b413b7a4739aa43328cd
SHA1

e2b0fa6f00c88b27bb641de6839f3b35bed1c140
SHA256

20d48d03330fe7f368359d4949eaae8303f7150d4a15fa60155a873cedd34feb
SHA512

17131d83e596d995d0321b999b6afe6f318358d1f395981621089de69a58ac0628a3814da53b65d15f61453d2f61e94f5c828f7ce7b85a5f9d74df5799f645cf
SSDEEP

24576:wqJVrwunndI3tgc9jRB7HHxsUC+76YMkC/4GG:1Wunyyk+J+2YPQ4t

Score

N/A

Malware Config

Signatures

Files

20d48d03330fe7f368359d4949eaae8303f7150d4a15fa60155a873cedd34feb
.exe windows x86

5a87b598d6451207cdf7fb5beb0a0803

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SystemTimeToFileTime
CreateEventA
SetEvent
GetComputerNameA
SetConsoleCtrlHandler
OutputDebugStringA
GetCommandLineW
GetCurrentThread
GetEnvironmentVariableA
Beep
DuplicateHandle
GetPriorityClass
GetVersionExA
CreateNamedPipeA
GetFileType
PeekNamedPipe
SetConsoleTitleA
FillConsoleOutputAttribute
GetModuleFileNameA
QueryPerformanceCounter
QueryPerformanceFrequency
GetExitCodeThread
WideCharToMultiByte
IsDBCSLeadByteEx
InterlockedExchange
GetModuleHandleA
DeleteCriticalSection
CloseHandle
CreatePipe
CreateProcessW
RaiseException
GetEnvironmentStringsW
GetLastError
ReadFile
ResumeThread
Sleep
WaitForSingleObject
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetStdHandle
RtlUnwind
UnhandledExceptionFilter
WriteFile
CreateThread
ExitProcess
FreeLibrary
GetCommandLineA
GetLocaleInfoA
GetStartupInfoA
GetThreadLocale
MultiByteToWideChar
InterlockedIncrement
LocalAlloc
LocalFree
VirtualAlloc
VirtualFree
InitializeCriticalSection
LeaveCriticalSection
InterlockedDecrement
GetConsoleScreenBufferInfo
ReadConsoleA
ReadConsoleW
FillConsoleOutputCharacterA
DisableThreadLibraryCalls
EnterCriticalSection

advapi32

RegOpenKeyExA
RegQueryValueExA
RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

SysAllocStringLen

msvcrt

memset
strncat
isspace
printf
free
wcsstr
tolower
fgetwc
rewind
strtoul
wcslen
strstr
strrchr
_getch
strcat
realloc
qsort
memmove
memcmp
malloc
localeconv
getenv
ftell
fseek
fread
fputc
fopen
fclose
atol
strncmp

rpcrt4

RpcRaiseException

Sections

.text
Size: 184KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a87b598d6451207cdf7fb5beb0a0803

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

oleaut32

msvcrt

rpcrt4

Sections

.text Size: 184KB - Virtual size: 180KB

.idata Size: 4KB - Virtual size: 3KB

.rdata Size: 52KB - Virtual size: 48KB

.data Size: 92KB - Virtual size: 2.6MB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 184KB - Virtual size: 180KB

.idata
Size: 4KB - Virtual size: 3KB

.rdata
Size: 52KB - Virtual size: 48KB

.data
Size: 92KB - Virtual size: 2.6MB

.rsrc
Size: 8KB - Virtual size: 5KB