e264fcd8f8e2aaaea705249e54afb53a50476617b3899b9a816e79fc482fc8ca

Sharing

Copy URL

Twitter E-mail

General

Target

e264fcd8f8e2aaaea705249e54afb53a50476617b3899b9a816e79fc482fc8ca
Size

272KB
MD5

631f996881f9cafde049136372209e68
SHA1

83e54531e5d13dbeb359e546a1e35737fb036ef5
SHA256

e264fcd8f8e2aaaea705249e54afb53a50476617b3899b9a816e79fc482fc8ca
SHA512

b740ac8356186bf4160262c3361729c7e6549d6daf304375fe0da4273bf73c6df3546a6ffb40ea418bf3fdbe4e242a4ab680c7e183fd4462f10126742b9e7248
SSDEEP

6144:5tD779QJqN5gVmnGe2wMyhLu/d9jeEBrnqZ/q3/ec7qHPqf+:5tDX9QogVAKyq96yrnqomc7ePT

Score

N/A

Malware Config

Signatures

Files

e264fcd8f8e2aaaea705249e54afb53a50476617b3899b9a816e79fc482fc8ca
.exe windows x86

d1f2f7a14e6f94a8c9a108378dd93a9d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
InitializeCriticalSectionAndSpinCount
MapViewOfFile
LocalFree
GetCurrentThreadId
FileTimeToSystemTime
GetSystemTimeAsFileTime
GetFileSize
ResetEvent
SystemTimeToFileTime
FreeLibrary
CloseHandle
WaitForSingleObject
HeapFree
FreeEnvironmentStringsW
CreateFileMappingW
WideCharToMultiByte
lstrlenA
DeviceIoControl
CreateFileW
UnhandledExceptionFilter
HeapAlloc
VirtualProtect
LeaveCriticalSection
LocalAlloc
EnterCriticalSection
SetUnhandledExceptionFilter
SetFilePointer
GetModuleHandleW
FreeEnvironmentStringsA
GetDiskFreeSpaceA
ReadFile
CreateEventW
lstrlenW
IsProcessorFeaturePresent
DeleteCriticalSection
VirtualFree
GetProcessHeap
GetLocalTime
SetLastError
GlobalMemoryStatus
GetSystemDefaultLangID
UnmapViewOfFile
VirtualAllocEx

ntdll

RtlUnwind

msvcrt

malloc
free
memset
memmove
time
_wcsnicmp
__dllonexit
wcsncmp
rand
_wtoi
_itow
_purecall
_initterm
_vsnwprintf
_onexit
memcpy
_amsg_exit
_unlock
wcsstr
_ui64tow
srand
_XcptFilter
_lock
wcschr

rpcrt4

UuidFromStringW
RpcStringFreeW
I_RpcMapWin32Status
UuidToStringW

advapi32

CryptGenKey
RegCreateKeyExA
CryptDecrypt
CryptExportKey
CryptCreateHash
CryptAcquireContextW
RegSetValueExA
CryptGetHashParam
TraceEvent
CryptDestroyKey
RegQueryValueExA
CryptDestroyHash
CryptVerifySignatureA
CryptHashData
CryptSignHashA
CryptEncrypt
CryptImportKey
RegCloseKey
CryptReleaseContext

user32

GetKeyboardLayout
MessageBoxIndirectA
SendDlgItemMessageA
CreateWindowExW
EnableMenuItem
LoadMenuIndirectA
DialogBoxParamW
DialogBoxParamA
MonitorFromPoint
MessageBeep
GetMessageW
CreateDialogIndirectParamW
GetKeyState
LoadMenuIndirectW
SetFocus
InsertMenuItemW

traffic

TcQueryFlowA
TcSetFlowW

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 241KB - Virtual size: 729KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 403KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1f2f7a14e6f94a8c9a108378dd93a9d

Headers

File Characteristics

Imports

kernel32

ntdll

msvcrt

rpcrt4

advapi32

user32

traffic

Sections

.text Size: 16KB - Virtual size: 16KB

.data Size: 241KB - Virtual size: 729KB

.rdata Size: 3KB - Virtual size: 403KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 16KB - Virtual size: 16KB

.data
Size: 241KB - Virtual size: 729KB

.rdata
Size: 3KB - Virtual size: 403KB

.rsrc
Size: 11KB - Virtual size: 10KB