c14987c4c6fc2de2cac43355964465d7611652e29f699d64fa292399f526c103[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

c14987c4c6fc2de2cac43355964465d7611652e29f699d64fa292399f526c103.exe
Size

818KB
MD5

ae9a4663030ecd41b764cc839cb1e67f
SHA1

370d203085ef0465a81bfb4c82d4019beecefb13
SHA256

c14987c4c6fc2de2cac43355964465d7611652e29f699d64fa292399f526c103
SHA512

488f9e5146a12768b1b0f3297b5f8b7487d1f1aef2ba6fd9427ba873c7ab39e2ea34495b09bb458d7d395ccdc38d7cb9163740730026d82c7c52290e5007938a
SSDEEP

12288:fl2fjVNefHfMxT3J6uUA0HdQrXZo3zJA0adehtX24kJwdoXhHNswzAHnFw7w/QnO:Yb8/fJAKkX6jJFa8tXTkJbSrFbEiR

Score

1^/10

Malware Config

Signatures

Files

c14987c4c6fc2de2cac43355964465d7611652e29f699d64fa292399f526c103.exe
.exe windows x86

a449bb254a5a3d7e78e29b69597a0167

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleInputW
lstrlenA
TlsGetValue
SetLocalTime
GetDefaultCommConfigW
FreeLibrary
CallNamedPipeA
SetWaitableTimer
SetUnhandledExceptionFilter
ZombifyActCtx
GlobalSize
SetEnvironmentVariableW
CreateJobObjectW
HeapFree
SetHandleInformation
GetProfileSectionA
ConnectNamedPipe
GetProcessPriorityBoost
CreateNamedPipeW
VirtualFree
EnumTimeFormatsW
TzSpecificLocalTimeToSystemTime
GetPriorityClass
GetVolumeInformationA
GetConsoleMode
GetSystemPowerStatus
SizeofResource
SetVolumeMountPointA
DeleteVolumeMountPointW
LeaveCriticalSection
GlobalMemoryStatus
GetFileAttributesW
SetTimeZoneInformation
VerifyVersionInfoA
TerminateProcess
ReadFile
GetBinaryTypeW
DeactivateActCtx
GetLastError
SetComputerNameA
GetLocalTime
LoadLibraryA
OpenMutexA
LocalAlloc
MoveFileA
BuildCommDCBAndTimeoutsW
GetCommMask
GetOEMCP
DebugSetProcessKillOnExit
CreateIoCompletionPort
LoadLibraryExA
CreateMutexA
VirtualProtect
GetCurrentDirectoryA
GetVersionExA
GetSystemTime
GetConsoleSelectionInfo
lstrcpyA
SetConsoleCursorPosition
GetCommandLineW
InterlockedIncrement
InterlockedDecrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
DeleteFileA
GetStartupInfoW
UnhandledExceptionFilter
GetModuleFileNameW
HeapValidate
IsBadReadPtr
RaiseException
RtlUnwind
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetCurrentProcess
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
ExitProcess
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapDestroy
HeapCreate
GetModuleFileNameA
WriteFile
FlushFileBuffers
WideCharToMultiByte
GetConsoleCP
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
LoadLibraryW
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
GetACP
GetCPInfo
IsValidCodePage
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
SetFilePointer
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CloseHandle
CreateFileA
GetModuleHandleA

user32

GetAncestor
GetWindowInfo

advapi32

RevertToSelf

Exports

Exports

_go@4
_kir@8

Sections

.text
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 600KB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a449bb254a5a3d7e78e29b69597a0167

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 151KB - Virtual size: 150KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 600KB - Virtual size: 4.5MB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 151KB - Virtual size: 150KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 600KB - Virtual size: 4.5MB

.rsrc
Size: 28KB - Virtual size: 28KB