af923f693f92e24f5b30d3921beb44456530e24c81ae3b43c8353c3b997d8c36

General

Target

af923f693f92e24f5b30d3921beb44456530e24c81ae3b43c8353c3b997d8c36
Size

20KB
MD5

d8a73b5952db629ed12ef41747c2d697
SHA1

7a8e3d275676ed1bce938c0166a0253a22d593f3
SHA256

af923f693f92e24f5b30d3921beb44456530e24c81ae3b43c8353c3b997d8c36
SHA512

59c4cd38add881d88369dbc23027acf9b2f0d767a31574971936eda91a18de929abbb23698f6d0b791c1669f7988c58d2d838e38d6da61add420b7f3359897f1
SSDEEP

384:4AaIxl6sxFJzT/DoJpyj3esXisInfc6UvCyZg70hy9xddFfWVGm0:4ERxFJzT/DoJpyjVIcnvCyZg70hCgVn0

Score

N/A

Malware Config

Signatures

Files

af923f693f92e24f5b30d3921beb44456530e24c81ae3b43c8353c3b997d8c36
.exe windows x86

97d5866c15ff1afad3a3d12e30de034e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
GetProcessHeap
GetStdHandle
GetCommandLineW
GetACP
InterlockedIncrement
InterlockedExchange
GetLocalTime
InterlockedDecrement
GetComputerNameW
GetStringTypeW
GetStringTypeA
GetSystemDirectoryW

ntdll

DbgPrint
NtDelayExecution
RtlNumberOfSetBits
RtlAddAce
_allmul
RtlLengthSid
_alldiv
NtQueryInformationThread
RtlCreateAcl
RtlFindMessage

ulib

?GetStandardInput@PROGRAM@@UAEPAVSTREAM@@XZ
?Initialize@STRING_ARGUMENT@@QAEEPAD@Z
??0LONG_ARGUMENT@@QAE@XZ
??0PATH_ARGUMENT@@QAE@XZ
?Fatal@PROGRAM@@UBAXKKPADZZ
?QueryDirectory@SYSTEM@@SGPAVFSN_DIRECTORY@@PBVPATH@@E@Z
?Initialize@WSTRING@@QAEEPBV1@KK@Z
?DoParsing@ARGUMENT_LEXEMIZER@@QAEEPAVARRAY@@@Z
?Strcat@WSTRING@@QAEEPBV1@@Z

msvcrt

??2@YAPAXI@Z
_errno
_XcptFilter
wcslen
__p__fmode
__winitenv
time
malloc
__set_app_type

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97d5866c15ff1afad3a3d12e30de034e

Headers

File Characteristics

Imports

kernel32

ntdll

ulib

msvcrt

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 50KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 50KB

.reloc
Size: 3KB - Virtual size: 3KB