c4997516f1ac56dac243fb78bd52a19f470d3bd3119ffb18a3eabf0f9ba368a7

Sharing

Copy URL Twitter E-mail

General

Target

c4997516f1ac56dac243fb78bd52a19f470d3bd3119ffb18a3eabf0f9ba368a7
Size

163KB
MD5

18b909e6d24f1f06a253f79d02b74117
SHA1

809ae1d8282e9732aa6972ccf5cf2dd9e589a69b
SHA256

c4997516f1ac56dac243fb78bd52a19f470d3bd3119ffb18a3eabf0f9ba368a7
SHA512

b2ba1e1847a248a783908e743472095cb619f9125c26c1937c26fe26279d57cd40c07b926c1d41ef7b5900f9e241a05422c73d8a57c34df70c09c9950f2b0dd0
SSDEEP

3072:UZ0msFRifErgKt7yrynT6YGAcmvLufF4uFzWYi953wsw+mOoUYiqlY:WsifEcyuryT6YGA7vLut4uBRO++mOoUR

Score

N/A

Malware Config

Signatures

Files

c4997516f1ac56dac243fb78bd52a19f470d3bd3119ffb18a3eabf0f9ba368a7
.exe windows x86

a839e61d4b4dbbad7bb9ac884d75a856

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

free
__initenv
_cexit
_XcptFilter
_exit
_c_exit
strchr
__getmainargs
fgets
wcscat
wcstok
wcschr
_wcsupr
wcsncpy
swprintf
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_iob
sscanf
strspn
strpbrk
_stricmp
_itoa
wcscmp
wcsrchr
exit
wcscpy
_wcsicmp
wcslen
malloc
_except_handler3

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

kernel32

LocalAlloc
GetProfileIntA
GetProfileStringA
GetModuleHandleA
GetCPInfo
SetThreadLocale
GetSystemDefaultLangID
LoadLibraryW
GetCommandLineW
ReadConsoleW
GetSystemTime
GetThreadLocale
GetTimeFormatW
GetLastError
GetConsoleOutputCP
LocalFree
WriteConsoleW
WriteFile
GetStdHandle
GetFileType
WideCharToMultiByte
LoadLibraryExW
FreeLibrary
MultiByteToWideChar
FormatMessageW

netapi32

NetScheduleJobAdd
NetApiBufferFree
NetScheduleJobEnum
NetScheduleJobDel
NetScheduleJobGetInfo
I_NetNameValidate

shell32

CommandLineToArgvW

user32

wsprintfW

ntdll

NtQuerySystemTime
RtlTimeToSecondsSince1970

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 57KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a839e61d4b4dbbad7bb9ac884d75a856

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

netapi32

shell32

user32

ntdll

Sections

.text Size: 13KB - Virtual size: 12KB

.data Size: 2KB - Virtual size: 5KB

.rsrc Size: 6KB - Virtual size: 5KB

.data Size: 76KB - Virtual size: 128KB

.text Size: 57KB - Virtual size: 156KB

.data Size: 7KB - Virtual size: 7KB

.text
Size: 13KB - Virtual size: 12KB

.data
Size: 2KB - Virtual size: 5KB

.rsrc
Size: 6KB - Virtual size: 5KB

.data
Size: 76KB - Virtual size: 128KB

.text
Size: 57KB - Virtual size: 156KB

.data
Size: 7KB - Virtual size: 7KB