kgjleknawaqupphppbnkdzbwspq[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

kgjleknawaqupphppbnkdzbwspq.exe
Size

997KB
MD5

ae27750ed89d50fb8de15c14578668e5
SHA1

ddea5b38dd82ee7c3840fed29b187a329ee403e7
SHA256

1f6a89e5980145c85fa489f86f526061a81c508f0d11fb0c63c6a0cb825d332f
SHA512

3da1dc458339e97f08bd4ffa1613a7ad44a73942d44208e68981fd0d4609ff4f3c801bd9f9585eef5a35ba675ae17bef3d6a8f7c464a48398e5963359e8d92a3
SSDEEP

24576:ZVGh32twKsnNo4CrapESnm7NbivzGNyvyw/T2ZpYW9rYN9:DG+h4i5Z4yNUCW

Score

N/A

Malware Config

Signatures

Files

kgjleknawaqupphppbnkdzbwspq.exe
.exe windows x86

a4c7d5d21bbb6ace95180532c79a4425

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetProcessHeap
CreateFileA
CloseHandle
TryEnterCriticalSection
DeleteCriticalSection
CreateFiber
DeleteFiber
SwitchToFiber
CreateActCtxA
ActivateActCtx
CreateThread
GetCurrentProcessId
GetWindowsDirectoryA
WaitForSingleObject
GetFileType
CreateNamedPipeA
ConnectNamedPipe
ExitProcess
VirtualAlloc
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapAlloc
GetLastError
HeapFree
GetModuleHandleW
GetProcAddress
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
FreeLibrary
LoadLibraryExW
LCMapStringW
GetStdHandle
GetStartupInfoW
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
GetACP
GetStringTypeW
DecodePointer
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
SetStdHandle
GetCPInfo
IsValidCodePage
GetOEMCP
RaiseException
GetModuleHandleExW
SetFilePointerEx
WriteConsoleW
GetModuleFileNameW
ReadFile
ReadConsoleW
CreateFileW
HeapSize
HeapReAlloc
QueryPerformanceCounter
InitializeSListHead
RtlUnwind
FindClose
FindFirstFileExW
FindNextFileW
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 495KB - Virtual size: 495KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 373KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4c7d5d21bbb6ace95180532c79a4425

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 122KB - Virtual size: 121KB

.rdata Size: 495KB - Virtual size: 495KB

.data Size: 373KB - Virtual size: 375KB

.gfids Size: 512B - Virtual size: 176B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 122KB - Virtual size: 121KB

.rdata
Size: 495KB - Virtual size: 495KB

.data
Size: 373KB - Virtual size: 375KB

.gfids
Size: 512B - Virtual size: 176B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 5KB - Virtual size: 4KB