78250e56eb74256bbff94794bb9e325fa053b3f2e37077fe4675c8c0ec8c59ba

Sharing

Copy URL

Twitter E-mail

General

Target

78250e56eb74256bbff94794bb9e325fa053b3f2e37077fe4675c8c0ec8c59ba
Size

323KB
MD5

4b357990f0543c5d97897dec4419b2ea
SHA1

9a5e81ddceb7d98ecf36712a03834d9acd9ef48e
SHA256

78250e56eb74256bbff94794bb9e325fa053b3f2e37077fe4675c8c0ec8c59ba
SHA512

aa0f883fdb5c8a9c2b1ecdbb30f316d51b7fe95ac771e62b5089d040513ceb6887af2a2c2b4b5edd7d755b9287c30d4b78f02f47c7058e8eff49a2e57aadaaea
SSDEEP

6144:Qg+8i2HzP8/7ZgA0ks8G5KKHA+ecF4l7Ut3QrSRAVWv7SDEPQRX:Qg+GHzy7Zv0AG5J7eDlot3QrSRAVWv+L

Score

1^/10

Malware Config

Signatures

Files

78250e56eb74256bbff94794bb9e325fa053b3f2e37077fe4675c8c0ec8c59ba
.exe windows x86

0a980afa2a5fa2cb008e9aa696674c5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
WriteProcessMemory
VirtualAlloc
WaitForSingleObject
ResumeThread
GetThreadContext
VirtualAllocEx
CreateProcessA
SetThreadContext
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
SetLastError
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetCurrentThreadId
ExitProcess
FreeLibrary
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
HeapAlloc
HeapFree
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
LoadLibraryExW
LCMapStringW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
MultiByteToWideChar
GetProcessHeap
WideCharToMultiByte
HeapSize
HeapReAlloc
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
InitializeSListHead
RtlUnwind
RaiseException
EncodePointer
WriteConsoleW
CloseHandle
CreateFileW
SetFilePointerEx
GetModuleFileNameW
GetStdHandle
WriteFile
FindClose
FindFirstFileExW
FindNextFileW
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetFileType
SetStdHandle
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
DecodePointer

libsodium

crypto_aead_chacha20poly1305_decrypt

Sections

.text
Size: 290KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a980afa2a5fa2cb008e9aa696674c5c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

libsodium

Sections

.text Size: 290KB - Virtual size: 289KB

.rdata Size: 25KB - Virtual size: 24KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 290KB - Virtual size: 289KB

.rdata
Size: 25KB - Virtual size: 24KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 4KB - Virtual size: 4KB