ad48365cacfc5d4837cec451b06f7231e516784858c14c19b885ac2001aa1e26

Sharing

Copy URL Twitter E-mail

General

Target

ad48365cacfc5d4837cec451b06f7231e516784858c14c19b885ac2001aa1e26
Size

758KB
MD5

4d195588d7b716e1cf54585ca47dc666
SHA1

b2f00697f97fb9988fd12addbd00a7b18e19032c
SHA256

ad48365cacfc5d4837cec451b06f7231e516784858c14c19b885ac2001aa1e26
SHA512

db4eb60d5b6d88085fdeebfa380a3862ee1e186ee65f96bd039c99f718410af1985bfa67f374f121ae85ec2473eeca0cac9c1877badd388cb171f49d148a84d4
SSDEEP

12288:rwwAerFVOLUGOo00VUVUygy9OK7tBHXjtZdrZy4eZlRzT+v/+QSXrJYU9Cfi5+Em:kwAaOLUho00jGrZy3yv/+Q8rhC6Mj

Score

N/A

Malware Config

Signatures

Files

ad48365cacfc5d4837cec451b06f7231e516784858c14c19b885ac2001aa1e26
.exe windows x86

84a634cf5b421bd1ac5f29180017a598

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetErrorMode
GetLogicalDriveStringsW
GetConsoleWindow
SetFileAttributesW
FindClose
FindNextFileW
FindFirstFileW
GetStdHandle
GetFileType
WriteFile
GetLastError
GetCurrentThreadId
GetModuleHandleA
GetProcAddress
QueryPerformanceCounter
GetCurrentProcessId
GetTickCount
FreeLibrary
GlobalMemoryStatus
LoadLibraryA
MultiByteToWideChar
FlushConsoleInputBuffer
EnterCriticalSection
LeaveCriticalSection
ReadFile
GetConsoleMode
ReadConsoleW
WideCharToMultiByte
GetConsoleCP
SetFilePointerEx
EncodePointer
DecodePointer
FindFirstFileExW
GetDriveTypeW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
DeleteFileW
GetCommandLineW
IsDebuggerPresent
IsProcessorFeaturePresent
ExitProcess
GetModuleHandleExW
AreFileApisANSI
SetConsoleCtrlHandler
HeapFree
HeapAlloc
HeapReAlloc
GetSystemTimeAsFileTime
ReadConsoleInputA
GetWindowsDirectoryW
RaiseException
RtlUnwind
DeleteCriticalSection
GetStartupInfoW
SetStdHandle
FlushFileBuffers
CreateFileW
GetModuleHandleW
SetLastError
WriteConsoleW
HeapSize
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetFullPathNameW
GetCurrentDirectoryW
GetProcessHeap
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetTimeZoneInformation
SetEndOfFile
GetStringTypeW
WaitForSingleObject
GetExitCodeProcess
CreateProcessA
GetFileAttributesExW
CompareStringW
LCMapStringW
OutputDebugStringW
SetEnvironmentVariableA
GetDiskFreeSpaceExW
CloseHandle
CreateProcessW
SetConsoleMode
GetModuleFileNameW

user32

GetUserObjectInformationW
MessageBoxA
ShowWindow
GetProcessWindowStation

shlwapi

PathCombineW
PathFindExtensionW

advapi32

RegisterEventSourceA
DeregisterEventSource
ReportEventA

Exports

Exports

OPENSSL_Applink

Sections

.text
Size: 552KB - Virtual size: 552KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84a634cf5b421bd1ac5f29180017a598

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 552KB - Virtual size: 552KB

.rdata Size: 168KB - Virtual size: 167KB

.data Size: 10KB - Virtual size: 25KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 26KB - Virtual size: 25KB

.text
Size: 552KB - Virtual size: 552KB

.rdata
Size: 168KB - Virtual size: 167KB

.data
Size: 10KB - Virtual size: 25KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 26KB - Virtual size: 25KB