0eaae6a216141ab5f362e917d404c6b2[.]exe[.]vir

Sharing

Copy URL Twitter E-mail

General

Target

0eaae6a216141ab5f362e917d404c6b2.exe.vir
Size

2.1MB
MD5

0eaae6a216141ab5f362e917d404c6b2
SHA1

7249fa0cf482feef5fa884704f0cc49267bcc026
SHA256

7f1da7875a7bcbc8b3e7db8454c3ffb90b978a86f8e1c4166e6a360312a2c690
SHA512

58ed4ac98b086d0bb7e94329356442eb63b3abbd23e53cf9f3a51c547a3949530f5359993bc45b4422084abbc366d80e8df93ffda81399e4814d81b0280b0fbe
SSDEEP

24576:UDbRomzV4oNR1QNMTCZpdW+flFRhDAvep95qE3622/OPJU1iw2V58R81Qn0eFVqz:U6aQOTCpW+tavO5+fz+fOiRP1D1

Score

1^/10

Malware Config

Signatures

Files

0eaae6a216141ab5f362e917d404c6b2.exe.vir
.exe windows x86

28ba63887a8df9d139c48b1262416f80

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateFileA
CreateIoCompletionPort
CreateThread
CreateWaitableTimerExW
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
ExitProcess
FreeEnvironmentStringsW
GetConsoleMode
GetEnvironmentStringsW
GetLastError
GetModuleFileNameA
GetProcAddress
GetProcessAffinityMask
GetQueuedCompletionStatusEx
GetStartupInfoA
GetStdHandle
GetSystemDirectoryA
GetSystemInfo
GetThreadContext
GetUserDefaultUILanguage
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
PostQueuedCompletionStatus
ResumeThread
SetConsoleCtrlHandler
SetErrorMode
SetEvent
SetProcessPriorityBoost
SetThreadContext
SetUnhandledExceptionFilter
SetWaitableTimer
Sleep
SuspendThread
SwitchToThread
TlsGetValue
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WriteConsoleW
WriteFile

api-ms-win-crt-heap-l1-1-0

_set_new_mode
calloc
free
malloc

api-ms-win-crt-private-l1-1-0

memcpy

api-ms-win-crt-runtime-l1-1-0

__p___argc
__p___argv
__p___wargv
__p__acmdln
_beginthread
_cexit
_configure_narrow_argv
_configure_wide_argv
_crt_at_quick_exit
_crt_atexit
_errno
_initialize_narrow_environment
_initialize_wide_environment
_initterm
_set_app_type
_set_invalid_parameter_handler
abort
exit
signal

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__p__commode
__p__fmode
__stdio_common_vfprintf
__stdio_common_vfwprintf
fwrite

api-ms-win-crt-string-l1-1-0

strlen
strncmp

advapi32

AllocateAndInitializeSid
CheckTokenMembership
FreeSid

shell32

ShellExecuteExA

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-environment-l1-1-0

__p__environ
__p__wenviron

api-ms-win-crt-time-l1-1-0

__daylight
__timezone
__tzname
_tzset

Exports

Exports

_cgo_dummy_export

Sections

.text
Size: 1013KB - Virtual size: 1012KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 931KB - Virtual size: 930KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28ba63887a8df9d139c48b1262416f80

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-private-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

advapi32

shell32

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-time-l1-1-0

Exports

Exports

Sections

.text Size: 1013KB - Virtual size: 1012KB

.rdata Size: 931KB - Virtual size: 930KB

.data Size: 98KB - Virtual size: 267KB

.tls Size: 512B - Virtual size: 8B

.reloc Size: 58KB - Virtual size: 57KB

.text
Size: 1013KB - Virtual size: 1012KB

.rdata
Size: 931KB - Virtual size: 930KB

.data
Size: 98KB - Virtual size: 267KB

.tls
Size: 512B - Virtual size: 8B

.reloc
Size: 58KB - Virtual size: 57KB