30c964f0a7ee54df720f50da060e1fb7431e22dd41d36ef94c68b629923c037c

Sharing

Copy URL

Twitter E-mail

General

Target

30c964f0a7ee54df720f50da060e1fb7431e22dd41d36ef94c68b629923c037c
Size

326KB
MD5

4db0169fe1a14f343e91d2e416dff52e
SHA1

5466887c56bb990631e3c5489acfc38bfca6792b
SHA256

30c964f0a7ee54df720f50da060e1fb7431e22dd41d36ef94c68b629923c037c
SHA512

87b95b6ff073a290b42319848607147528607926de4e6d6ea251f045232112621cdd8169109e3a0e635fdee8a9003f341d490021a476c4e827a9bc1b3437d540
SSDEEP

6144:fsVsVdyJQI0QOAKmTkayBnDpFgW50w92J4+D5rqGfnEAOAdqZNOFOh:fsugIQOZEdyBDpSWFOtvfEqdOUFOh

Score

N/A

Malware Config

Signatures

Files

30c964f0a7ee54df720f50da060e1fb7431e22dd41d36ef94c68b629923c037c
.exe windows x86

d20eb1af1e62fa4ab9291a0877200854

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetEvent
HeapCreate
HeapDestroy
GetCurrentDirectoryW
CreateFileW
WriteFile
OutputDebugStringA
SetLastError
GetCurrentProcessId
GetLocalTime
GetTickCount
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
IsDebuggerPresent
RaiseException
GetCurrentProcess
CreateThread
GetCurrentThreadId
GetModuleHandleW
GetProcAddress
GetCommandLineW
RtlCaptureStackBackTrace
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetModuleHandleExW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FlushFileBuffers
ReadFile
SetEndOfFile
SetFilePointerEx
GetLastError
CreateDirectoryW
GetFileAttributesExW
FindClose
FindFirstFileExW
FindNextFileW
ResetEvent
WaitForSingleObjectEx
IsProcessorFeaturePresent
UnhandledExceptionFilter
GetStartupInfoW
InitializeSListHead
WideCharToMultiByte
EncodePointer
DecodePointer
MultiByteToWideChar
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
FreeLibrary
LoadLibraryExW
RtlUnwind
ExitThread
FreeLibraryAndExitThread
ExitProcess
GetConsoleCP
GetConsoleMode
SetStdHandle
GetFileType
GetStdHandle
GetCommandLineA
GetACP
GetTimeZoneInformation
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadConsoleW
WriteConsoleW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetTempPathA
Sleep
CreateEventW
WaitForSingleObject
GetModuleFileNameW
SetLocalTime

advapi32

OpenServiceW
StartServiceCtrlDispatcherW
InitializeSecurityDescriptor
StartServiceW
ControlService
RegisterServiceCtrlHandlerW
DeleteService
SetServiceStatus
OpenSCManagerW
CloseServiceHandle
QueryServiceStatus
CreateServiceW
SetSecurityDescriptorDacl

shell32

SHGetSpecialFolderPathW

libcurl

curl_easy_setopt
curl_easy_cleanup
curl_easy_init
curl_easy_perform

winhttp

WinHttpGetIEProxyConfigForCurrentUser

dbghelp

SymGetLineFromAddr64
SymFromAddr

Exports

Exports

GetHandleVerifier

Sections

.text
Size: 237KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d20eb1af1e62fa4ab9291a0877200854

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

libcurl

winhttp

dbghelp

Exports

Exports

Sections

.text Size: 237KB - Virtual size: 236KB

.rdata Size: 69KB - Virtual size: 69KB

.data Size: 4KB - Virtual size: 15KB

.tls Size: 512B - Virtual size: 9B

.gfids Size: 1024B - Virtual size: 856B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 237KB - Virtual size: 236KB

.rdata
Size: 69KB - Virtual size: 69KB

.data
Size: 4KB - Virtual size: 15KB

.tls
Size: 512B - Virtual size: 9B

.gfids
Size: 1024B - Virtual size: 856B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 11KB - Virtual size: 11KB