af7edcecd3950ab2a10f26bb11631d69f9c58edcd50332227c9a1acc20934af8

Sharing

Copy URL Twitter E-mail

General

Target

af7edcecd3950ab2a10f26bb11631d69f9c58edcd50332227c9a1acc20934af8
Size

412KB
MD5

3971b1e03913186d01af9c4ea72d49ea
SHA1

2156ba937ab161142bac593a87044b8d478facda
SHA256

af7edcecd3950ab2a10f26bb11631d69f9c58edcd50332227c9a1acc20934af8
SHA512

7d45d4db386ae4576fe2151befc2cc75775d330c00fb56591ed3f2ca4b0388d88f6ae3d1f8f70b5282c41497a786ca712ecd0c29fcb26becec22f36ef211466f
SSDEEP

6144:l0znNefHPmX4wI5IdAuP/HP9oDTLdtpaF3an8nSFgn1v4Xy83eLf8:meEzTAu3vW9Sqnq8yEez

Score

N/A

Malware Config

Signatures

Files

af7edcecd3950ab2a10f26bb11631d69f9c58edcd50332227c9a1acc20934af8
.exe windows x86

2f0d265238ff2587df7631d45f6b8309

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
GetVersionExA
GetOEMCP
GetEnvironmentStringsW
GetTickCount
SetHandleCount
lstrlenA
TlsAlloc
GetModuleFileNameA
InterlockedExchangeAdd
CreateFileW
GetSystemInfo
CloseHandle
CreateThread
MultiByteToWideChar
FlushFileBuffers
GetCurrentProcess
WaitForSingleObject
TlsSetValue
CreateFileA
GetCommandLineW
SetLastError
GetModuleHandleW
LoadLibraryA
LCMapStringW
lstrlenW
ExitProcess
LocalFree
FreeEnvironmentStringsA
CreateEventW
RaiseException
GetCurrentProcessId
GetACP
FindClose
CreateEventA
SetEvent
SetStdHandle
GetStdHandle
HeapAlloc
GetFileSize
WideCharToMultiByte
InterlockedDecrement
ResetEvent
TerminateProcess
FileTimeToSystemTime
LocalAlloc
Sleep
GetProcessHeap
HeapFree
CompareStringA
TlsGetValue
CreateMutexW
GlobalAlloc
GetModuleFileNameW
FreeLibrary
SizeofResource
GetVersionExW
GetModuleHandleA
GetCurrentThread
GetCommandLineA
HeapReAlloc
GetStringTypeW
GlobalFree
GetEnvironmentStrings
HeapSize
RtlUnwind
HeapSetInformation
GetStartupInfoW
SetUnhandledExceptionFilter
GetProcAddress
DecodePointer
WriteFile
FreeEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
EncodePointer
TlsFree
InterlockedIncrement
GetCurrentThreadId
GetLastError
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetSystemTimeAsFileTime
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
SetConsoleCtrlHandler
InterlockedExchange
LoadLibraryW
GetLocaleInfoW
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
IsValidCodePage
IsProcessorFeaturePresent

shell32

SHFileOperationW

iphlpapi

SetIpNetEntry

scarddlg

ord1

Sections

.text
Size: 395KB - Virtual size: 394KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f0d265238ff2587df7631d45f6b8309

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

iphlpapi

scarddlg

Sections

.text Size: 395KB - Virtual size: 394KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 5KB - Virtual size: 8KB

.tls Size: 512B - Virtual size: 17B

.rsrc Size: 512B - Virtual size: 480B

.text
Size: 395KB - Virtual size: 394KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 5KB - Virtual size: 8KB

.tls
Size: 512B - Virtual size: 17B

.rsrc
Size: 512B - Virtual size: 480B