108c313a109462a39d61c7dfd7c2bee9d4bcb711cdee6bf9f7d683d5f5371402

Sharing

Copy URL

Twitter E-mail

General

Target

108c313a109462a39d61c7dfd7c2bee9d4bcb711cdee6bf9f7d683d5f5371402
Size

1.2MB
MD5

516bb6b9fe191c69a389977cc5304b82
SHA1

843195b58bd36958accb61b1e0d13a0d1433477d
SHA256

108c313a109462a39d61c7dfd7c2bee9d4bcb711cdee6bf9f7d683d5f5371402
SHA512

a02fc13e4b049ad90f5b50234d7613d064e2dff1892d7e03cd1fa490a76d64da2de6ad422b040f267139ced9e693d29c1135789323ee0b50d5710f17107d2033
SSDEEP

24576:Xw3NO15rX4wMqCQO/X35aBe7FgHAFWA0G9:XVH4wMqCQOfkgpggFr9

Score

N/A

Malware Config

Signatures

Files

108c313a109462a39d61c7dfd7c2bee9d4bcb711cdee6bf9f7d683d5f5371402
.exe windows x86

5a87b598d6451207cdf7fb5beb0a0803

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SystemTimeToFileTime
CreateEventA
SetEvent
GetComputerNameA
SetConsoleCtrlHandler
OutputDebugStringA
GetCommandLineW
GetCurrentThread
GetEnvironmentVariableA
Beep
DuplicateHandle
GetPriorityClass
GetVersionExA
CreateNamedPipeA
GetFileType
PeekNamedPipe
SetConsoleTitleA
FillConsoleOutputAttribute
GetModuleFileNameA
QueryPerformanceCounter
QueryPerformanceFrequency
GetExitCodeThread
WideCharToMultiByte
IsDBCSLeadByteEx
InterlockedExchange
GetModuleHandleA
DeleteCriticalSection
CloseHandle
CreatePipe
CreateProcessW
RaiseException
GetEnvironmentStringsW
GetLastError
ReadFile
ResumeThread
Sleep
WaitForSingleObject
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetStdHandle
RtlUnwind
UnhandledExceptionFilter
WriteFile
CreateThread
ExitProcess
FreeLibrary
GetCommandLineA
GetLocaleInfoA
GetStartupInfoA
GetThreadLocale
MultiByteToWideChar
InterlockedIncrement
LocalAlloc
LocalFree
VirtualAlloc
VirtualFree
InitializeCriticalSection
LeaveCriticalSection
InterlockedDecrement
GetConsoleScreenBufferInfo
ReadConsoleA
ReadConsoleW
FillConsoleOutputCharacterA
DisableThreadLibraryCalls
EnterCriticalSection

advapi32

RegOpenKeyExA
RegQueryValueExA
RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

SysAllocStringLen

msvcrt

memset
strncat
isspace
printf
free
wcsstr
tolower
fgetwc
rewind
strtoul
wcslen
strstr
strrchr
_getch
strcat
realloc
qsort
memmove
memcmp
malloc
localeconv
getenv
ftell
fseek
fread
fputc
fopen
fclose
atol
strncmp

rpcrt4

RpcRaiseException

Sections

.text
Size: 180KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a87b598d6451207cdf7fb5beb0a0803

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

oleaut32

msvcrt

rpcrt4

Sections

.text Size: 180KB - Virtual size: 177KB

.idata Size: 4KB - Virtual size: 3KB

.rdata Size: 52KB - Virtual size: 48KB

.data Size: 92KB - Virtual size: 2.6MB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 180KB - Virtual size: 177KB

.idata
Size: 4KB - Virtual size: 3KB

.rdata
Size: 52KB - Virtual size: 48KB

.data
Size: 92KB - Virtual size: 2.6MB

.rsrc
Size: 8KB - Virtual size: 5KB