8b7ec8d1b316f79ce1b45917384d0eed4c212d4e3e71bf7dea9fc81135dd631c

Sharing

Copy URL

Twitter E-mail

General

Target

8b7ec8d1b316f79ce1b45917384d0eed4c212d4e3e71bf7dea9fc81135dd631c
Size

1.7MB
MD5

492b2023401d79a35ec46902b1f5477c
SHA1

3af733758c7c0fc7860f307836bc37fbdb95bdf5
SHA256

8b7ec8d1b316f79ce1b45917384d0eed4c212d4e3e71bf7dea9fc81135dd631c
SHA512

8b344cac5c15a562c7da5ae2f73f12da44eea8f49b4777f5f1a926bf099d39772c3df7d83691f94df718d5326e2686256a802ff6fb393860f0df4c9af47fbe0f
SSDEEP

49152:suy+Z2+Mw4X2S6XHEYfnmOe1yR85XM+uNyHXC7oevMxcaSdB:h

Score

1^/10

Malware Config

Signatures

Files

8b7ec8d1b316f79ce1b45917384d0eed4c212d4e3e71bf7dea9fc81135dd631c
.exe windows x64

059ed78ef9dc47dc566462a78883e8c3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

VirtualAlloc
ReleaseSRWLockExclusive
CloseHandle
GetStdHandle
GetConsoleMode
GetFileInformationByHandleEx
FormatMessageW
GetProcessHeap
HeapAlloc
HeapFree
GetProcAddress
GetLastError
InitializeCriticalSection
AcquireSRWLockExclusive
LeaveCriticalSection
ReleaseMutex
ReleaseSRWLockShared
GetCurrentProcess
GetCurrentThread
RtlCaptureContext
RtlLookupFunctionEntry
SetLastError
GetCurrentDirectoryW
GetEnvironmentVariableW
GetCommandLineW
WriteFile
ReadFile
EnterCriticalSection
GetCurrentProcessId
TryEnterCriticalSection
QueryPerformanceCounter
GetSystemTimeAsFileTime
AddVectoredExceptionHandler
SetThreadStackGuarantee
HeapReAlloc
AcquireSRWLockShared
WaitForSingleObjectEx
LoadLibraryA
CreateMutexA
GetModuleHandleW
GetModuleFileNameW
ExitProcess
TlsGetValue
TlsSetValue
GetModuleHandleA
WriteConsoleW
ReadConsoleW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
InitializeSListHead
GetCurrentThreadId
IsProcessorFeaturePresent

bcrypt

BCryptGenRandom

vcruntime140

__current_exception_context
__C_specific_handler
_CxxThrowException
memmove
memset
memcmp
memcpy
__CxxFrameHandler3
__current_exception

api-ms-win-crt-runtime-l1-1-0

_initterm_e
__p___argc
__p___argv
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_initterm
_exit
_configure_narrow_argv
_initialize_onexit_table
_register_onexit_function
_crt_atexit
terminate
_get_initial_narrow_environment
_set_app_type
_seh_filter_exe
exit
_initialize_narrow_environment

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 298KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

059ed78ef9dc47dc566462a78883e8c3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

bcrypt

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 298KB - Virtual size: 298KB

.data Size: 512B - Virtual size: 920B

.pdata Size: 120KB - Virtual size: 120KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 298KB - Virtual size: 298KB

.data
Size: 512B - Virtual size: 920B

.pdata
Size: 120KB - Virtual size: 120KB

.reloc
Size: 3KB - Virtual size: 3KB