68e00e2f71b7ae7c1124426680d387223bdde400865d1c5a6b90b296f7fcc628

Sharing

Copy URL

Twitter E-mail

General

Target

68e00e2f71b7ae7c1124426680d387223bdde400865d1c5a6b90b296f7fcc628
Size

167KB
MD5

1345f8eb15a6270dc2813925e753f298
SHA1

25bedbfa4934c2d91058a9b1f1d2c2703e7bdc2f
SHA256

68e00e2f71b7ae7c1124426680d387223bdde400865d1c5a6b90b296f7fcc628
SHA512

c1b6e60566d6388d7e656c28afd241a0678666b5efca431ff8d1173631eb511e27877d2047d356ccad1ef38fa3b5ceec958840021d4e580be576e006c7004ded
SSDEEP

3072:UKruHcjlP82XYPNp/3SGuaLkvoqh9WmF4PKSRlL7o15YwKm1kiC4+99zXmUhs5fG:UUuHcmjlp/iGu7v5ePKSjvo1TKmWR4+z

Score

1^/10

Malware Config

Signatures

Files

68e00e2f71b7ae7c1124426680d387223bdde400865d1c5a6b90b296f7fcc628
.exe windows x86

3b9c426a6fdec2cb62dc7c138a0d2616

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
GetWindowsDirectoryA
FindFirstVolumeMountPointW
FindFirstChangeNotificationA
WaitForSingleObject
ReadConsoleInputW
VerifyVersionInfoA
GetVersionExA
GetCurrentProcess
OpenEventA
CreateFileMappingW
SetLocaleInfoW
GetProcAddress
GlobalAlloc
GetConsoleTitleW
DeleteFileA
FindResourceW
GetLongPathNameA
GetBinaryTypeA
SetLastError
GetProfileSectionA
WriteProfileStringW
GetComputerNameExW
GetConsoleMode
WriteProfileSectionW
SetVolumeMountPointA
EnumResourceLanguagesA
CommConfigDialogA
EnumDateFormatsA
DeleteVolumeMountPointA
GetModuleHandleA
ZombifyActCtx
WritePrivateProfileStringW
GetSystemDirectoryA
GetStringTypeW
GetShortPathNameW
EnumCalendarInfoA
VerifyVersionInfoW
EnumCalendarInfoW
FindNextFileW
ReleaseActCtx
BuildCommDCBAndTimeoutsA
GetCurrentActCtx
FindFirstFileW
WriteConsoleW
GetConsoleAliasA
LoadLibraryA
HeapReAlloc
MultiByteToWideChar
RaiseException
RtlUnwind
GetLastError
HeapFree
GetCommandLineW
HeapSetInformation
GetStartupInfoW
EncodePointer
DecodePointer
IsProcessorFeaturePresent
HeapAlloc
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
GetCurrentThreadId
InterlockedDecrement
CloseHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
EnterCriticalSection
LeaveCriticalSection
HeapCreate
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
HeapSize
SetStdHandle
WideCharToMultiByte
GetConsoleCP
FlushFileBuffers
LoadLibraryW
LCMapStringW
SetFilePointer

user32

LoadMenuA
GetMessagePos

advapi32

RevertToSelf

shell32

FindExecutableW

ole32

CoGetInstanceFromFile

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b9c426a6fdec2cb62dc7c138a0d2616

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

Sections

.text Size: 80KB - Virtual size: 79KB

.data Size: 77KB - Virtual size: 1.3MB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 80KB - Virtual size: 79KB

.data
Size: 77KB - Virtual size: 1.3MB

.rsrc
Size: 9KB - Virtual size: 9KB