d1eb36326f36920bcbbbec8e146f51e3f7ea76616c71828da24ef65dd8a721ea

General

Target

d1eb36326f36920bcbbbec8e146f51e3f7ea76616c71828da24ef65dd8a721ea
Size

312KB
MD5

e0a8da8222c203f79f506adfbf44f0a2
SHA1

36a8e5c8508be77513d6266309b18e1319ae1544
SHA256

d1eb36326f36920bcbbbec8e146f51e3f7ea76616c71828da24ef65dd8a721ea
SHA512

2c04c25ec6b81c4a0b3e82fe391bae97922aef95672f8c16112f4e46ef2a52a2cb698685d1ceaf22c234932966e2e6f5ed3f1be66f5ea5a57608643e3767fe02
SSDEEP

6144:L/cjgrSkvmnm8tpM22puw4G6q6z4Xa8sfd+TMVDJ4P2rKZbrlc2UH6rklfG:wISYb+Mb536vz6aNf4TMVD6P2wbrlcOu

Score

N/A

Malware Config

Signatures

Files

d1eb36326f36920bcbbbec8e146f51e3f7ea76616c71828da24ef65dd8a721ea
.exe windows x86

04b222044b720e32cafda1c732175640

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

loadperf

SetServiceAsTrustedW

kernel32

GetEnvironmentStringsW
GetOEMCP
GetSystemInfo
IsProcessorFeaturePresent
VirtualProtect
GetLastError
CloseHandle
GetFileType
CreateFileA
GetModuleHandleA
GetStartupInfoW
GetVersionExA
ExitProcess
GetProcAddress
TerminateProcess
GetCurrentProcess
SetStdHandle
SetHandleCount
GetStdHandle
GetStartupInfoA
SetEndOfFile
ReadFile
SetFilePointer
MultiByteToWideChar
WriteFile
GetModuleFileNameA
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetCommandLineA
GetCommandLineW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
HeapAlloc
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryA
VirtualAlloc
HeapReAlloc
IsBadWritePtr
RtlUnwind
InterlockedExchange
VirtualQuery
HeapSize
GetStringTypeA
GetStringTypeW
LCMapStringA
WideCharToMultiByte
LCMapStringW
GetLocaleInfoA
GetCPInfo
GetACP

Exports

Exports

EveryDuring
MoveThose

Sections

.text
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04b222044b720e32cafda1c732175640

Headers

File Characteristics

Imports

loadperf

kernel32

Exports

Exports

Sections

.text Size: 145KB - Virtual size: 145KB

.rdata Size: 86KB - Virtual size: 86KB

.data Size: 78KB - Virtual size: 225KB

.rsrc Size: 1024B - Virtual size: 800B

.text
Size: 145KB - Virtual size: 145KB

.rdata
Size: 86KB - Virtual size: 86KB

.data
Size: 78KB - Virtual size: 225KB

.rsrc
Size: 1024B - Virtual size: 800B