c5d02966e29ec16eb2e6023b7dbdbac47ea4a036b2aaa5b5dd2d1a11a002578d

General

Target

c5d02966e29ec16eb2e6023b7dbdbac47ea4a036b2aaa5b5dd2d1a11a002578d
Size

100KB
MD5

bf05f6c3a7965ccbb918a00ef2cd799c
SHA1

8bab472b65585f5d9a9df20413b1cb4ca88eb0b2
SHA256

c5d02966e29ec16eb2e6023b7dbdbac47ea4a036b2aaa5b5dd2d1a11a002578d
SHA512

1a62ecf36f79a27ea7fdc18e4b3637dc8d6713b6eef0d34eedb551ce447d7134e3fae93f1b05d95f8fdb15f5cb52527897c34f16d50836e4ed4ff7dfed27728e
SSDEEP

1536:waWZvLrrwW34YcIbhat3aWFaGOO56lDU54EPqlogkqITP1/KzUxW:waWhLPT3fjlax7JN5ZPqogkqIv

Score

N/A

Malware Config

Signatures

Files

c5d02966e29ec16eb2e6023b7dbdbac47ea4a036b2aaa5b5dd2d1a11a002578d
.exe windows x86

9a3fde72b2436256909ac61679dec5ef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GlobalUnlock
InterlockedCompareExchange
SetVDMCurrentDirectories
RequestWakeupLatency
GetPrivateProfileSectionA
SetConsoleFont
SetMailslotInfo
VDMConsoleOperation
SetConsoleMaximumWindowSize
WaitCommEvent
FindCloseChangeNotification
CreateFileMappingA
SetCommBreak
ConvertThreadToFiber
GetCommandLineA
GetStartupInfoA
ExitProcess

ntdll

NtSetInformationObject
RtlAddAuditAccessAceEx
NtAdjustGroupsToken
RtlGetControlSecurityDescriptor
RtlDeleteAtomFromAtomTable
ZwOpenIoCompletion
ZwQuerySymbolicLinkObject
NtCreateIoCompletion
ZwImpersonateClientOfPort
RtlpWaitForCriticalSection
NtCreateMailslotFile
ZwCreateMutant
ZwAllocateUuids
ZwSetIoCompletion
RtlIsTextUnicode
RtlAddCompoundAce
RtlEnlargedUnsignedMultiply
ZwDeleteKey

Exports

Exports

WriteDrnxfbfkfun
Diglqnlyrox
Mexmvacv
Xryyojeffu

Sections

.i71
Size: 4KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_PAGELK
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a3fde72b2436256909ac61679dec5ef

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntdll

Exports

Exports

Sections

.i71 Size: 4KB - Virtual size: 100KB

_PAGELK Size: 80KB - Virtual size: 80KB

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: - Virtual size: 4KB

.i71
Size: 4KB - Virtual size: 100KB

_PAGELK
Size: 80KB - Virtual size: 80KB

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: - Virtual size: 4KB