9e2924bc105f76e2e39bc9261807849e7c4ad00a0722f801973951fc3a048a10

Sharing

Copy URL Twitter E-mail

General

Target

9e2924bc105f76e2e39bc9261807849e7c4ad00a0722f801973951fc3a048a10
Size

1.2MB
MD5

4be4e039d10cf928e8433c08def90858
SHA1

4f43c6d3386f6ce63e2aded24b40f96b12200f51
SHA256

9e2924bc105f76e2e39bc9261807849e7c4ad00a0722f801973951fc3a048a10
SHA512

215fa549a1c4b1eeecc58fa9973608d10d1f45a7451c00fc2ed9300dbe22cbac6ea5bedb7110f1109df91c1ba24f22487a732ee6c88312fe45ccc6e3a44a9871
SSDEEP

24576:33PdIrVuqnUgJc8IozwbdiRhzGNYPfkhZoEp2GzPx:KEqpLIZ4bzGNY3kYEptx

Score

N/A

Malware Config

Signatures

Files

9e2924bc105f76e2e39bc9261807849e7c4ad00a0722f801973951fc3a048a10
.exe windows x86

5a87b598d6451207cdf7fb5beb0a0803

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SystemTimeToFileTime
CreateEventA
SetEvent
GetComputerNameA
SetConsoleCtrlHandler
OutputDebugStringA
GetCommandLineW
GetCurrentThread
GetEnvironmentVariableA
Beep
DuplicateHandle
GetPriorityClass
GetVersionExA
CreateNamedPipeA
GetFileType
PeekNamedPipe
SetConsoleTitleA
FillConsoleOutputAttribute
GetModuleFileNameA
QueryPerformanceCounter
QueryPerformanceFrequency
GetExitCodeThread
WideCharToMultiByte
IsDBCSLeadByteEx
InterlockedExchange
GetModuleHandleA
DeleteCriticalSection
CloseHandle
CreatePipe
CreateProcessW
RaiseException
GetEnvironmentStringsW
GetLastError
ReadFile
ResumeThread
Sleep
WaitForSingleObject
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetStdHandle
RtlUnwind
UnhandledExceptionFilter
WriteFile
CreateThread
ExitProcess
FreeLibrary
GetCommandLineA
GetLocaleInfoA
GetStartupInfoA
GetThreadLocale
MultiByteToWideChar
InterlockedIncrement
LocalAlloc
LocalFree
VirtualAlloc
VirtualFree
InitializeCriticalSection
LeaveCriticalSection
InterlockedDecrement
GetConsoleScreenBufferInfo
ReadConsoleA
ReadConsoleW
FillConsoleOutputCharacterA
DisableThreadLibraryCalls
EnterCriticalSection

advapi32

RegOpenKeyExA
RegQueryValueExA
RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

SysAllocStringLen

msvcrt

memset
strncat
isspace
printf
free
wcsstr
tolower
fgetwc
rewind
strtoul
wcslen
strstr
strrchr
_getch
strcat
realloc
qsort
memmove
memcmp
malloc
localeconv
getenv
ftell
fseek
fread
fputc
fopen
fclose
atol
strncmp

rpcrt4

RpcRaiseException

Sections

.text
Size: 180KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a87b598d6451207cdf7fb5beb0a0803

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

oleaut32

msvcrt

rpcrt4

Sections

.text Size: 180KB - Virtual size: 178KB

.idata Size: 4KB - Virtual size: 3KB

.rdata Size: 52KB - Virtual size: 48KB

.data Size: 92KB - Virtual size: 2.6MB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 180KB - Virtual size: 178KB

.idata
Size: 4KB - Virtual size: 3KB

.rdata
Size: 52KB - Virtual size: 48KB

.data
Size: 92KB - Virtual size: 2.6MB

.rsrc
Size: 8KB - Virtual size: 5KB