vce_exam_simulator_helper2[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

vce_exam_simulator_helper2.exe
Size

1.4MB
MD5

4b5690a124725645183d1fd640180059
SHA1

0423f6f7d581d957ea680ff200abdb2ce7f2fc74
SHA256

5c7438c2a96b05936a684eb2c923115b3fe13a327f39e676bd0f0c4ef35cc379
SHA512

2be2abfcdf6d31128f370ba83d786c43afb43ddac6875020061d632892037865ff93d919af1bce7d2bc0630cf12b0d4fda5a72e36e54dcc4c0cd47b66d16c246
SSDEEP

12288:HQwradevYeLLOpjweAc2BEsVkM1eJlCRwiXhSinpjMP+rhoPdsfGH1kSjK4Pk:HQwradevrL8DVQzkqcAyipvVQG+KiPk

Score

N/A

Malware Config

Signatures

Files

vce_exam_simulator_helper2.exe
.exe windows x64

bbc3d7ef40338190c786a3fc4ac40171

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

MultiByteToWideChar
GetTempPathA
GetLastError
CreateFileA
LoadLibraryA
HeapReAlloc
CloseHandle
RaiseException
HeapAlloc
DecodePointer
GetProcAddress
HeapSize
GetProcessHeap
FreeLibrary
WideCharToMultiByte
GetComputerNameA
Sleep
SetEndOfFile
CreateFileW
SetStdHandle
GetModuleHandleA
CreateMutexA
InitializeCriticalSectionEx
GetCurrentProcess
SetLastError
HeapFree
DeleteCriticalSection
ReadFile
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetTimeZoneInformation
ReadConsoleW
HeapQueryInformation
DeleteFileW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetFilePointerEx
GetFileSizeEx
WriteConsoleW
GetFileType
WriteFile
GetStringTypeW
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
GetCurrentThreadId
EncodePointer
LocalFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetModuleHandleW
LCMapStringEx
GetLocaleInfoEx
CompareStringEx
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
CreateEventW
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
OutputDebugStringW
RtlUnwindEx
RtlPcToFileHeader
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetModuleFileNameW
GetModuleHandleExW
ExitProcess
CreateThread
ExitThread
FreeLibraryAndExitThread
HeapValidate
GetSystemInfo
GetStdHandle
RtlUnwind

user32

GetDC

advapi32

GetCurrentHwProfileA

oleaut32

VariantClear

gdiplus

GdipSaveImageToFile
GdipFree
GdipDisposeImage
GdiplusStartup
GdiplusShutdown
GdipGetImageEncoders
GdipCloneImage
GdipCreateBitmapFromHBITMAP
GdipAlloc
GdipGetImageEncodersSize

ws2_32

socket
connect
gethostname
send
inet_addr
htons
WSAStartup
recv
closesocket

Sections

.text
Size: 865KB - Virtual size: 864KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 283KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbc3d7ef40338190c786a3fc4ac40171

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

gdiplus

ws2_32

Sections

.text Size: 865KB - Virtual size: 864KB

.rdata Size: 224KB - Virtual size: 223KB

.data Size: 9KB - Virtual size: 25KB

.pdata Size: 40KB - Virtual size: 40KB

_RDATA Size: 512B - Virtual size: 244B

.rsrc Size: 283KB - Virtual size: 282KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 865KB - Virtual size: 864KB

.rdata
Size: 224KB - Virtual size: 223KB

.data
Size: 9KB - Virtual size: 25KB

.pdata
Size: 40KB - Virtual size: 40KB

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 283KB - Virtual size: 282KB

.reloc
Size: 4KB - Virtual size: 4KB