b01e515088bfdd6d86c73a0780062dbc4e4e78c60f3a197a496d0a4740ef5753

Sharing

Copy URL

Twitter E-mail

General

Target

b01e515088bfdd6d86c73a0780062dbc4e4e78c60f3a197a496d0a4740ef5753
Size

354KB
MD5

d24739440dcb6305975a48d7ca99c808
SHA1

c81cbb4636cd17976b571dee2c3765035a92bb41
SHA256

b01e515088bfdd6d86c73a0780062dbc4e4e78c60f3a197a496d0a4740ef5753
SHA512

104887a613ddf3f7aea2f85a0ee648c62cb4e586e3fb5b5287b49ec3974a8c3f164e0911564ee374cb21c1b1160f23d761a4f709ab83731c5307e8b1da31335a
SSDEEP

6144:k0UXbJREPLct+JbIchhw+k2sZudU19YD/XpkTayds4XkPt/F78Sk7HL:k0GbJRIoEVIcvrk2UuK19YD/Xpkhi40I

Score

N/A

Malware Config

Signatures

Files

b01e515088bfdd6d86c73a0780062dbc4e4e78c60f3a197a496d0a4740ef5753
.exe windows x86

dda5d831c197f5dbe3e053a5775ec949

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableW
GetTempFileNameW
GlobalMemoryStatus
WriteConsoleOutputCharacterW
lstrlenA
EnumDateFormatsExW
GetModuleHandleExA
SetEndOfFile
FindResourceExW
SystemTimeToTzSpecificLocalTime
HeapAlloc
SetWaitableTimer
ScrollConsoleScreenBufferW
GlobalLock
ConnectNamedPipe
GetConsoleAliasesA
GetCompressedFileSizeW
GlobalFindAtomA
LoadLibraryW
SizeofResource
GetSystemTimeAdjustment
InterlockedPopEntrySList
GetExitCodeProcess
GetModuleFileNameW
GetTimeZoneInformation
RaiseException
GetCurrentDirectoryW
SetLastError
GetProcAddress
HeapSize
HeapUnlock
GetConsoleDisplayMode
GlobalFree
OpenWaitableTimerA
GetAtomNameA
LocalAlloc
AddVectoredExceptionHandler
AddAtomW
GetCommMask
GetCurrentConsoleFont
GetSystemInfo
lstrcatW
CompareStringA
DeleteTimerQueueTimer
GetCurrentProcessId
SetFileAttributesW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
GetModuleHandleW
Sleep
ExitProcess
GetLastError
SetConsoleCtrlHandler
WriteFile
GetStdHandle
GetModuleFileNameA
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
HeapFree
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
HeapDestroy
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSectionAndSpinCount
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
MultiByteToWideChar
GetLocaleInfoW
GetLocaleInfoA
GetModuleHandleA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
FlushFileBuffers
ReadFile
CreateFileA
CloseHandle
CompareStringW
SetEnvironmentVariableA

Exports

Exports

Fobos
Left
OneMore
People
Superman

Sections

.text
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 38.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cum
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.new
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dda5d831c197f5dbe3e053a5775ec949

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 296KB - Virtual size: 295KB

.data Size: 6KB - Virtual size: 38.6MB

.cum Size: 1024B - Virtual size: 4KB

.new Size: 13KB - Virtual size: 12KB

.rsrc Size: 37KB - Virtual size: 37KB

.text
Size: 296KB - Virtual size: 295KB

.data
Size: 6KB - Virtual size: 38.6MB

.cum
Size: 1024B - Virtual size: 4KB

.new
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 37KB - Virtual size: 37KB