54da392d7204459210bc5035f612f5f7294973de31fc635e2cfc3af40c72aa9b

Sharing

Copy URL

Twitter E-mail

General

Target

54da392d7204459210bc5035f612f5f7294973de31fc635e2cfc3af40c72aa9b
Size

383KB
MD5

7273b9a307d1761e38b0cceac3281217
SHA1

a86108e33b221c84ec59c61b8a37febe2a8bbba8
SHA256

54da392d7204459210bc5035f612f5f7294973de31fc635e2cfc3af40c72aa9b
SHA512

62b0dc9696ba720af607acd48337a3273d32702f0cef841f4eac8bd355e3474bef0192baa734f2dae49fcf7fc0376a8489813a68b873f93c55227b64e85dcced
SSDEEP

6144:S+LBazVtCLeY8gHvizRzoSWAB2gAoasce2rr2uXGuh0J9c/DWsHnZnB:dLBazVtCyYNHuoSWzgAbXuuhRz5

Score

N/A

Malware Config

Signatures

Files

54da392d7204459210bc5035f612f5f7294973de31fc635e2cfc3af40c72aa9b
.exe windows x86

4121f9e3c687a61218814d1f7f6b1057

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_llseek
SetEndOfFile
BuildCommDCBAndTimeoutsA
SetUnhandledExceptionFilter
InterlockedIncrement
OpenSemaphoreA
CallNamedPipeW
FreeEnvironmentStringsA
_lclose
GetProcessPriorityBoost
ReadConsoleW
SetCommState
GetPriorityClass
GlobalAlloc
GetConsoleMode
CopyFileW
LeaveCriticalSection
WritePrivateProfileStructW
GetNamedPipeInfo
GetBinaryTypeA
TerminateProcess
IsDBCSLeadByte
ReadFile
lstrcatA
CopyFileExW
lstrlenW
FindNextVolumeMountPointW
GetNamedPipeHandleStateW
SetCurrentDirectoryA
GetStdHandle
SetLastError
GetProcAddress
GetTapeStatus
MoveFileW
SetComputerNameA
LoadLibraryA
BuildCommDCBAndTimeoutsW
SetConsoleDisplayMode
AddAtomA
GetPrivateProfileStructA
SetEnvironmentVariableA
EnumDateFormatsA
EnumResourceNamesA
RequestWakeupLatency
GetCurrentDirectoryA
GetVersionExA
LocalFree
GetACP
CreateMutexW
WideCharToMultiByte
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
GetLastError
MoveFileA
HeapFree
HeapAlloc
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
ExitProcess
GetStartupInfoW
GetCPInfo
RtlUnwind
RaiseException
LCMapStringW
LCMapStringA
GetStringTypeW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
WriteFile
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
HeapSize
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetFilePointer
GetConsoleCP
GetLocaleInfoW
FlushFileBuffers
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CloseHandle
CreateFileA
GetModuleHandleA

advapi32

SetThreadToken

Exports

Exports

_asdga@4
_letter@12
_wedding@4
_weewgg@8
_welcome@4
_yongfeng@4

Sections

.text
Size: 347KB - Virtual size: 347KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4121f9e3c687a61218814d1f7f6b1057

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 347KB - Virtual size: 347KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 8KB - Virtual size: 4.0MB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 347KB - Virtual size: 347KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 4.0MB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 8KB - Virtual size: 7KB