506af351a6161f5c18fc7dbd67174ca317641d17

Sharing

Copy URL

Twitter E-mail

General

Target

506af351a6161f5c18fc7dbd67174ca317641d17
Size

117KB
MD5

2c9169600974ec7c6b6a6bd38bccda1a
SHA1

506af351a6161f5c18fc7dbd67174ca317641d17
SHA256

4d5d4495e3f5787646b35e6e2e4ba1f6b1962b19a516c24191776ff6201b419d
SHA512

e94d66945fe56d86e90c3f587468240143912b835382f35cfd246ffcaa4d79174e8d24fecf51be7e2edd2283206a581a26a70663e12dcd59e2f0626f2ce6d7a4
SSDEEP

3072:m8iL6pVpwLDi9k9ZW9nkv8dudL9Fvjsp3XzbNBZ:HiLQDwLDOnkcudZxsFdz

Score

N/A

Malware Config

Signatures

Files

506af351a6161f5c18fc7dbd67174ca317641d17
.exe windows x86

ece8121f5635961c697a3f4546d5deee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

VkKeyScanExW
SetRect
DialogBoxParamW
EnumDisplaySettingsExW
AllowForegroundActivation
GetParent
SetSystemCursor
DisableProcessWindowsGhosting
IsDialogMessageW
DefWindowProcW
GetMenuStringA
IsWindowInDestroy
AppendMenuW
ClipCursor
SetActiveWindow

advapi32

RemoveUsersFromEncryptedFile
RegReplaceKeyA
GetSidIdentifierAuthority
AreAllAccessesGranted
GetEffectiveRightsFromAclW
I_ScSetServiceBitsW
CreateServiceA
RegQueryValueExW
GetSidSubAuthorityCount
SystemFunction014
EnumDependentServicesW
SetSecurityInfoExW
RegSetValueExA
RegEnumValueW
CryptContextAddRef
AdjustTokenPrivileges

gdi32

GetPixel
OffsetRgn
CreateColorSpaceA
EngBitBlt
GdiGetPageHandle
DPtoLP
ExtTextOutW
GetBkColor
ExtEscape
EngPaint
EnumFontFamiliesExA

kernel32

DeleteFileA
PeekConsoleInputW
InterlockedCompareExchange
CreateSemaphoreA
CompareStringW
SetHandleCount
VerSetConditionMask
GetShortPathNameW
FindResourceExA
RtlUnwind
GetConsoleMode
VirtualAlloc
SetConsoleMode
GetTimeZoneInformation
GetComputerNameA
Module32FirstW
GetSystemWindowsDirectoryW
_hread
GetExitCodeThread
CreateDirectoryExW
UpdateResourceA
ShowConsoleCursor
CancelIo
GetCommTimeouts
HeapUnlock
GetProfileStringW
EnumResourceTypesA
SizeofResource
GetThreadSelectorEntry
GetProcessHeap
GetLongPathNameW
GetProcessPriorityBoost
IsBadReadPtr
OpenThread
CreateToolhelp32Snapshot
FindNextFileA
SuspendThread
CreateJobObjectW
CreateFileA
ContinueDebugEvent
GetModuleFileNameW
SetupComm
ConnectNamedPipe
GetCurrentDirectoryA
GetConsoleAliasExesLengthW

Sections

BSS
Size: 34KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 35KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 27KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ece8121f5635961c697a3f4546d5deee

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

gdi32

kernel32

Sections

BSS Size: 34KB - Virtual size: 122KB

.bss Size: 35KB - Virtual size: 55KB

DATA Size: 27KB - Virtual size: 59KB

.text Size: 9KB - Virtual size: 9KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 1KB - Virtual size: 1KB

BSS
Size: 34KB - Virtual size: 122KB

.bss
Size: 35KB - Virtual size: 55KB

DATA
Size: 27KB - Virtual size: 59KB

.text
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 1KB - Virtual size: 1KB