af49b57c1fc4781a7a38457c0b4a595dbb6b5bd7bc4ccafe15fb6b8ae29e17f8

Sharing

Copy URL Twitter E-mail

General

Target

af49b57c1fc4781a7a38457c0b4a595dbb6b5bd7bc4ccafe15fb6b8ae29e17f8
Size

6.0MB
MD5

da1678f8e9122100beaf0b7d27a0963e
SHA1

cea7e643817ccf5be7c01c29520bc44edcc6d0a7
SHA256

af49b57c1fc4781a7a38457c0b4a595dbb6b5bd7bc4ccafe15fb6b8ae29e17f8
SHA512

089f163ed03f09c1a1d2519fae4169edd4254c615ddabb80ee90c6aff88ec811458789d4eb09c9f8f20b8295a77cd2f03fe7bf9128b3742437e0b8536357903a
SSDEEP

98304:8QhYRF8HjnFVALeycE4LaaRWadmrfF+i870Kywfy7/kIgTf5EsxxFS+BVzKwMJ:8QhkSjFVwcERaoZ8/pyuTIGesQ+7+X

Score

N/A

Malware Config

Signatures

Files

af49b57c1fc4781a7a38457c0b4a595dbb6b5bd7bc4ccafe15fb6b8ae29e17f8
.exe windows x64

60e7e687b577a6c0b454e309c4b6b0bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

libssl-1_1-x64

TLS_method

libcrypto-1_1-x64

ERR_load_BIO_strings

uv

uv_cwd

ws2_32

htons

kernel32

GetVersionExW
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

ShowWindow
GetUserObjectInformationW
GetProcessWindowStation
GetUserObjectInformationW

advapi32

QueryServiceConfigA

wtsapi32

WTSSendMessageW

Sections

.text
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 587KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RANDOMX
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_SHA3_25
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT_CN
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT_CN
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vm0010
Size: - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vm0011
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60e7e687b577a6c0b454e309c4b6b0bd

Headers

DLL Characteristics

File Characteristics

Imports

libssl-1_1-x64

libcrypto-1_1-x64

uv

ws2_32

kernel32

user32

advapi32

wtsapi32

Sections

.text Size: - Virtual size: 1.3MB

.rdata Size: - Virtual size: 234KB

.data Size: - Virtual size: 587KB

.pdata Size: - Virtual size: 44KB

_RANDOMX Size: - Virtual size: 1KB

_SHA3_25 Size: - Virtual size: 2KB

_TEXT_CN Size: - Virtual size: 6KB

_TEXT_CN Size: - Virtual size: 4KB

_RDATA Size: - Virtual size: 148B

.vm0010 Size: - Virtual size: 3.4MB

.vm0011 Size: 5.8MB - Virtual size: 5.8MB

.reloc Size: 512B - Virtual size: 208B

.rsrc Size: 123KB - Virtual size: 123KB

.text
Size: - Virtual size: 1.3MB

.rdata
Size: - Virtual size: 234KB

.data
Size: - Virtual size: 587KB

.pdata
Size: - Virtual size: 44KB

_RANDOMX
Size: - Virtual size: 1KB

_SHA3_25
Size: - Virtual size: 2KB

_TEXT_CN
Size: - Virtual size: 6KB

_TEXT_CN
Size: - Virtual size: 4KB

_RDATA
Size: - Virtual size: 148B

.vm0010
Size: - Virtual size: 3.4MB

.vm0011
Size: 5.8MB - Virtual size: 5.8MB

.reloc
Size: 512B - Virtual size: 208B

.rsrc
Size: 123KB - Virtual size: 123KB