7a0636196987e760983cc7dec71da532b752e7cae77cd0ec0733fcbb4f7e7742

Sharing

Copy URL

Twitter E-mail

General

Target

7a0636196987e760983cc7dec71da532b752e7cae77cd0ec0733fcbb4f7e7742
Size

221KB
MD5

f51d611ec181bc158e622d341d2191e4
SHA1

61d737c8d731d2a3c3b3a3e7bc911a1cbfcba23a
SHA256

7a0636196987e760983cc7dec71da532b752e7cae77cd0ec0733fcbb4f7e7742
SHA512

0848aeaf82314ba306abe3efd0e0538da9a5c410257c833696dd124b48359556122f36f5db4ea50ae617786267c0124a0cadb3beeb2db5bca0c583f69301a4c6
SSDEEP

3072:hNzzXHe8dCzFjsu5ljFAS4JX4PJXVtUOfyeOtNzgg7ElrjlDepoE:hFoPA5JsUOfyeG5grl3IOE

Score

N/A

Malware Config

Signatures

Files

7a0636196987e760983cc7dec71da532b752e7cae77cd0ec0733fcbb4f7e7742
.exe windows x86

f59fa15ad418b0b04b40a7c7d443c433

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

NdrServerCall2
RpcServerUseProtseqEpA
RpcServerRegisterIf
RpcServerListen
RpcMgmtStopServerListening
RpcServerUnregisterIf

kernel32

WaitForSingleObject
CloseHandle
SetEvent
CreateFileA
FreeConsole
OpenEventA
SetErrorMode
FreeLibrary
LoadLibraryA
lstrlenA
GetModuleFileNameA
GetCurrentProcess
GetLastError
ResetEvent
InterlockedIncrement
InterlockedDecrement
CreateEventA
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetProcAddress
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
DuplicateHandle
GetCPInfo
WideCharToMultiByte
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
Sleep
InitializeCriticalSection
RtlUnwind
RaiseException
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
GetCommandLineA
LCMapStringA
LCMapStringW
GetStringTypeW
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetModuleHandleA
HeapSize
ExitProcess
WriteFile
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
GetLocaleInfoW

advapi32

ReportEventA
DeregisterEventSource
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegisterEventSourceA

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f59fa15ad418b0b04b40a7c7d443c433

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

kernel32

advapi32

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 33KB - Virtual size: 33KB

.data Size: 6KB - Virtual size: 14KB

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 15KB - Virtual size: 15KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 33KB - Virtual size: 33KB

.data
Size: 6KB - Virtual size: 14KB

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 15KB - Virtual size: 15KB