21c83de1c74aeea4b57fcfe71bddeab242bda604529e92e487a0931de5bceed1

Sharing

Copy URL

Twitter E-mail

General

Target

21c83de1c74aeea4b57fcfe71bddeab242bda604529e92e487a0931de5bceed1
Size

570KB
MD5

0bf5a79f508676c7b6ca5ccdeb4ce490
SHA1

d04c501ae7eedef8c0c0132ebe7d844fa7b5ea15
SHA256

21c83de1c74aeea4b57fcfe71bddeab242bda604529e92e487a0931de5bceed1
SHA512

d1c0b85a730bed3a937c6048c9746bccb0b0b8ee03fef1b6fb033926a49086c06f94e2c735b12556d45478bcdcc0d7df2e1af5b6266b704eb741e217275d9f8e
SSDEEP

12288:roB/3ZSzTgu2VCBriSQxRLrEL6d1YtlndLCQZBWlUz0a40kf:roBxSv32VCBrivQ1VdLnZIULlY

Score

N/A

Malware Config

Signatures

Files

21c83de1c74aeea4b57fcfe71bddeab242bda604529e92e487a0931de5bceed1
.exe windows x86

59e699ea44486e144886fb6ad81ed89c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

tapi32

lineGetCallStatus
lineBlindTransferA
lineAccept
lineShutdown
lineInitializeExA

mscms

GetStandardColorSpaceProfileW
CloseColorProfile
OpenColorProfileA

kernel32

VirtualAlloc
WaitNamedPipeW
CreateMailslotA
GetCPInfoExW
GetModuleFileNameA
FindFirstVolumeW
TerminateProcess
FlushConsoleInputBuffer
MapViewOfFileEx
GetConsoleAliasW
RequestDeviceWakeup
GetHandleInformation
FindCloseChangeNotification
ResetEvent

Sections

.BSS
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 144KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 92KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 60KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 101KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 76KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59e699ea44486e144886fb6ad81ed89c

Headers

DLL Characteristics

File Characteristics

Imports

tapi32

mscms

kernel32

Sections

.BSS Size: 1KB - Virtual size: 1KB

.text Size: 35KB - Virtual size: 34KB

.bss Size: 144KB - Virtual size: 236KB

.bss Size: 92KB - Virtual size: 141KB

.idata Size: 60KB - Virtual size: 99KB

.edata Size: 101KB - Virtual size: 179KB

.bss Size: 76KB - Virtual size: 170KB

.rsrc Size: 59KB - Virtual size: 59KB

.BSS
Size: 1KB - Virtual size: 1KB

.text
Size: 35KB - Virtual size: 34KB

.bss
Size: 144KB - Virtual size: 236KB

.bss
Size: 92KB - Virtual size: 141KB

.idata
Size: 60KB - Virtual size: 99KB

.edata
Size: 101KB - Virtual size: 179KB

.bss
Size: 76KB - Virtual size: 170KB

.rsrc
Size: 59KB - Virtual size: 59KB