79d3ff3c3fa0d7611d3e110ad20e67c5dc8bea1164166dd298f43821a143dafa

Sharing

Copy URL Twitter E-mail

General

Target

79d3ff3c3fa0d7611d3e110ad20e67c5dc8bea1164166dd298f43821a143dafa
Size

217KB
MD5

a3d590e1cc0d771cea94665ad48c7dc2
SHA1

83b6e0dc8aba0ab812bcb8c7ae81dfe635e2105f
SHA256

79d3ff3c3fa0d7611d3e110ad20e67c5dc8bea1164166dd298f43821a143dafa
SHA512

6fd5e9c4ed454d264c059f21ef0737eebbe82658adbbabdbf04ca373236762e3daec96a648fae378ce6913a6e70b56fa135c37bf5b1110870381b02ad2dcdc4e
SSDEEP

3072:qUn1lkMsNwj5AFjAm1zlZ4iyyBvxgvK2cDl8nlkD9A/SelpBTDbv6pp4ZvQajgz9:H1lOwj5aAmt7Q0GCylkD9+Pbsp4aCgJ

Score

N/A

Malware Config

Signatures

Files

79d3ff3c3fa0d7611d3e110ad20e67c5dc8bea1164166dd298f43821a143dafa
.exe windows x86

eaada289b3b1aa3afd9f54026db1dcc6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
HeapCreate
ReadFile
DisconnectNamedPipe
FlushFileBuffers
GetLastError
SetLastError
CreateNamedPipeA
LoadLibraryA
CreateFileMappingA
CloseHandle
WriteFile
CreateFileW
GetStringTypeW
LCMapStringW
MultiByteToWideChar
WriteConsoleW
SetStdHandle
IsProcessorFeaturePresent
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
GetTickCount
ConnectNamedPipe
GetUserDefaultLCID
UnmapViewOfFile
HeapAlloc
MapViewOfFile
lstrlenA
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCommandLineA
HeapSetInformation
GetStartupInfoW
EncodePointer
DecodePointer
GetProcAddress
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
LoadLibraryW
RaiseException

user32

GetMessageA
GetWindowRect
LoadIconA
EnumWindows
GetDC
TranslateMessage
SetWindowLongA
MessageBoxA
GetWindowLongA
CreateWindowExA
SetWindowPos
ShowWindow
DispatchMessageA
UpdateWindow
LoadCursorA
RegisterClassA

gdi32

CreateDIBSection
SelectObject
CreateCompatibleDC
DeleteDC

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 165KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eaada289b3b1aa3afd9f54026db1dcc6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 165KB - Virtual size: 172KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 165KB - Virtual size: 172KB

.rsrc
Size: 1KB - Virtual size: 1KB