qZGYOyA5rG[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

qZGYOyA5rG.exe
Size

130KB
MD5

78f7ba13edd008ea22a8116e6a3b56ba
SHA1

e2fc9ef2ec44db2e01eeec52ded29ed0b24fa10f
SHA256

bdf296434f9ad3d332b00073d74a884ca78b7a6a535f1e1b63f510d9e77dc3c1
SHA512

9af521e0ec23a902204f7effe3801f5b20e959e1d95c4e76d394087388953205aa5accd706ff6022c5e0ff11b6e728801f4847900864ee74ddea79cedf2c58c8
SSDEEP

3072:zewcPHgx8H/yC1wR9m4wHfKIu/970vZX6K:qwcKl9m/K//mvVn

Score

1^/10

Malware Config

Signatures

Files

qZGYOyA5rG.exe
.exe windows x86

f221e81f5f33991fe15aeca4466060ec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstVolumeMountPointW
VirtualProtect
GetCurrentProcess
PeekNamedPipe
WaitForSingleObject
LocalAlloc
SetupComm
IsProcessInJob
DnsHostnameToComputerNameA
GetConsoleMode
AddAtomA
WriteConsoleInputW
FindAtomA
GetProcAddress
GetCurrentProcessId
UnhandledExceptionFilter
GetModuleHandleW
GetComputerNameExA
CreateFileW
DecodePointer
WriteConsoleW
SetFilePointerEx
GetConsoleCP
FlushFileBuffers
HeapReAlloc
HeapSize
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
WriteFile
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
GetACP
HeapFree
HeapAlloc
CloseHandle
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
SetStdHandle
GetFileType
GetStringTypeW
GetProcessHeap
RaiseException

user32

SendMessageA
SetWindowsHookW
GetWindow
PostMessageA
WaitMessage

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f221e81f5f33991fe15aeca4466060ec

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 43KB - Virtual size: 42KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 47KB - Virtual size: 50KB

.gfids Size: 1024B - Virtual size: 4KB

.rsrc Size: 11KB - Virtual size: 10KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 43KB - Virtual size: 42KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 47KB - Virtual size: 50KB

.gfids
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 11KB - Virtual size: 10KB

.reloc
Size: 4KB - Virtual size: 3KB