e7543e387f4d3836ac23253a2714c6d2451af227061e647504216680531a706c

Sharing

Copy URL Twitter E-mail

General

Target

e7543e387f4d3836ac23253a2714c6d2451af227061e647504216680531a706c
Size

313KB
MD5

d93158ae288aac9cae44279eaae2c313
SHA1

11e3e4d039df01f91ae8ca63cd1182a4b86d4bc8
SHA256

e7543e387f4d3836ac23253a2714c6d2451af227061e647504216680531a706c
SHA512

6d145d13a37d04af729681318d9d4e9683c7afcfcebc450271992f0ccff0ea26a88e033c8d56d5aa521a25fc658d73338a2dfa86b1a65f8255ac0c5d8a39eed4
SSDEEP

6144:xJqmcM+oTWFCMnqrSJpaSbEeCLeFkr+kgq5kyja7Tps:jqmt+gWFCMqKaSbVkeoaO

Score

N/A

Malware Config

Signatures

Files

e7543e387f4d3836ac23253a2714c6d2451af227061e647504216680531a706c
.exe windows x86

5cbb7568f49561070d64a7ead7738662

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
LCMapStringW
MultiByteToWideChar
WriteConsoleW
SetStdHandle
IsProcessorFeaturePresent
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
LoadLibraryW
CreateFileW
ConnectNamedPipe
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetEnvironmentStringsW
CloseHandle
CreateNamedPipeA
GetLastError
FlushFileBuffers
DisconnectNamedPipe
ReadFile
HeapCreate
GlobalAlloc
WriteFile
GetTickCount
HeapAlloc
lstrlenA
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCommandLineA
HeapSetInformation
GetStartupInfoW
EncodePointer
DecodePointer
GetProcAddress
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
RaiseException

user32

GetMessageA
RegisterClassExA
LoadIconA
EnumWindows
TranslateMessage
MessageBoxA
UnregisterClassA
CreateWindowExA
TranslateAcceleratorA
DefWindowProcA
GetDesktopWindow
LoadAcceleratorsA
ShowWindow
DispatchMessageA
UpdateWindow
LoadCursorA

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 255KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5cbb7568f49561070d64a7ead7738662

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 255KB - Virtual size: 262KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 255KB - Virtual size: 262KB

.rsrc
Size: 10KB - Virtual size: 10KB