e9c77f7384ef9ab8fa6d9be339196075904f8a61c28a00b6cc25a411a6c3046d

General

Target

e9c77f7384ef9ab8fa6d9be339196075904f8a61c28a00b6cc25a411a6c3046d
Size

23KB
MD5

34d01b0aabf9c7d81e56edd3a0c20752
SHA1

154da51e47d1d5de813dbb1689c31db5107c073c
SHA256

e9c77f7384ef9ab8fa6d9be339196075904f8a61c28a00b6cc25a411a6c3046d
SHA512

09523241d5fc6c2c7bffbc96d39db058450b7c073cdc3360c2ee19edd5d3922f383561b88f40a55af5269a9562b280a75e3f94b5e9f8158553a576e7187bbefe
SSDEEP

384:4AaIxl6sxFJzT/DoJpyj3esXisInfc6UvCyZg70hy9xddFfWVGma:4ERxFJzT/DoJpyjVIcnvCyZg70hCgVna

Score

N/A

Malware Config

Signatures

Files

e9c77f7384ef9ab8fa6d9be339196075904f8a61c28a00b6cc25a411a6c3046d
.exe windows x86

97d5866c15ff1afad3a3d12e30de034e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
GetProcessHeap
GetStdHandle
GetCommandLineW
GetACP
InterlockedIncrement
InterlockedExchange
GetLocalTime
InterlockedDecrement
GetComputerNameW
GetStringTypeW
GetStringTypeA
GetSystemDirectoryW

ntdll

DbgPrint
NtDelayExecution
RtlNumberOfSetBits
RtlAddAce
_allmul
RtlLengthSid
_alldiv
NtQueryInformationThread
RtlCreateAcl
RtlFindMessage

ulib

?GetStandardInput@PROGRAM@@UAEPAVSTREAM@@XZ
?Initialize@STRING_ARGUMENT@@QAEEPAD@Z
??0LONG_ARGUMENT@@QAE@XZ
??0PATH_ARGUMENT@@QAE@XZ
?Fatal@PROGRAM@@UBAXKKPADZZ
?QueryDirectory@SYSTEM@@SGPAVFSN_DIRECTORY@@PBVPATH@@E@Z
?Initialize@WSTRING@@QAEEPBV1@KK@Z
?DoParsing@ARGUMENT_LEXEMIZER@@QAEEPAVARRAY@@@Z
?Strcat@WSTRING@@QAEEPBV1@@Z

msvcrt

??2@YAPAXI@Z
_errno
_XcptFilter
wcslen
__p__fmode
__winitenv
time
malloc
__set_app_type

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97d5866c15ff1afad3a3d12e30de034e

Headers

File Characteristics

Imports

kernel32

ntdll

ulib

msvcrt

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 50KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 50KB

.reloc
Size: 3KB - Virtual size: 3KB