4011587fb2a917e8fd7689be9acc9b55c6ffa66de19a2362562d02667b4ce14c

Sharing

Copy URL

Twitter E-mail

General

Target

4011587fb2a917e8fd7689be9acc9b55c6ffa66de19a2362562d02667b4ce14c
Size

1.2MB
MD5

013c6e3bdb2cb4566b1b21f5c3c0ce6d
SHA1

5864d5353b212236641306238ebb13aedefb660d
SHA256

4011587fb2a917e8fd7689be9acc9b55c6ffa66de19a2362562d02667b4ce14c
SHA512

e00e541e31e82f8a2c4f4dbb54429005f2a9d1a53247a8fd04b4b7509c0a66ca8c3c5ecacc1349657cdb889310ada11e4447676ea62eec4fd2ed393c00050430
SSDEEP

24576:k3yfvKt5G7grRH9tevg8efAQFzl1z0u3y:FfvKw7ARH7z/tz0/

Score

N/A

Malware Config

Signatures

Files

4011587fb2a917e8fd7689be9acc9b55c6ffa66de19a2362562d02667b4ce14c
.exe windows x86

5a87b598d6451207cdf7fb5beb0a0803

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SystemTimeToFileTime
CreateEventA
SetEvent
GetComputerNameA
SetConsoleCtrlHandler
OutputDebugStringA
GetCommandLineW
GetCurrentThread
GetEnvironmentVariableA
Beep
DuplicateHandle
GetPriorityClass
GetVersionExA
CreateNamedPipeA
GetFileType
PeekNamedPipe
SetConsoleTitleA
FillConsoleOutputAttribute
GetModuleFileNameA
QueryPerformanceCounter
QueryPerformanceFrequency
GetExitCodeThread
WideCharToMultiByte
IsDBCSLeadByteEx
InterlockedExchange
GetModuleHandleA
DeleteCriticalSection
CloseHandle
CreatePipe
CreateProcessW
RaiseException
GetEnvironmentStringsW
GetLastError
ReadFile
ResumeThread
Sleep
WaitForSingleObject
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetStdHandle
RtlUnwind
UnhandledExceptionFilter
WriteFile
CreateThread
ExitProcess
FreeLibrary
GetCommandLineA
GetLocaleInfoA
GetStartupInfoA
GetThreadLocale
MultiByteToWideChar
InterlockedIncrement
LocalAlloc
LocalFree
VirtualAlloc
VirtualFree
InitializeCriticalSection
LeaveCriticalSection
InterlockedDecrement
GetConsoleScreenBufferInfo
ReadConsoleA
ReadConsoleW
FillConsoleOutputCharacterA
DisableThreadLibraryCalls
EnterCriticalSection

advapi32

RegOpenKeyExA
RegQueryValueExA
RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

SysAllocStringLen

msvcrt

memset
strncat
isspace
printf
free
wcsstr
tolower
fgetwc
rewind
strtoul
wcslen
strstr
strrchr
_getch
strcat
realloc
qsort
memmove
memcmp
malloc
localeconv
getenv
ftell
fseek
fread
fputc
fopen
fclose
atol
strncmp

rpcrt4

RpcRaiseException

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a87b598d6451207cdf7fb5beb0a0803

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

oleaut32

msvcrt

rpcrt4

Sections

.text Size: 180KB - Virtual size: 179KB

.idata Size: 4KB - Virtual size: 3KB

.rdata Size: 52KB - Virtual size: 48KB

.data Size: 92KB - Virtual size: 2.6MB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 180KB - Virtual size: 179KB

.idata
Size: 4KB - Virtual size: 3KB

.rdata
Size: 52KB - Virtual size: 48KB

.data
Size: 92KB - Virtual size: 2.6MB

.rsrc
Size: 8KB - Virtual size: 5KB