3ef7f22c04d730186f618c9771f38a13bc7ee31e92ddb154010bd38f07023de9

Sharing

Copy URL Twitter E-mail

General

Target

3ef7f22c04d730186f618c9771f38a13bc7ee31e92ddb154010bd38f07023de9
Size

351KB
MD5

3825cf538d6d2ad0224c42e9f816f02b
SHA1

864e9000b2d2c5a1656c6372957c19ea1d401a74
SHA256

3ef7f22c04d730186f618c9771f38a13bc7ee31e92ddb154010bd38f07023de9
SHA512

0efcab3dd4e913ea7d9272aef818a101730b4cab76c144a82f699f446ab804cfa2a7f859c993999cf667d19133c99efda177f36e0e73dd3c0c494770512c8a13
SSDEEP

6144:E71Dd3k2v0gi33XIYEVWOv3jDwbBwU1WPHg8pKaFW5B2+SdBd:EJDd3P00YEVWOvj6we8g8MaFWFSrd

Score

1^/10

Malware Config

Signatures

Files

3ef7f22c04d730186f618c9771f38a13bc7ee31e92ddb154010bd38f07023de9
.exe windows x86

1b4c2079291f93d40bf236182e3f20f3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateTimerQueue
CreateMutexW
lstrcmpA
CopyFileExW
SetLocalTime
CallNamedPipeA
LocalCompact
EnumCalendarInfoW
WaitNamedPipeA
GetEnvironmentStringsW
GetModuleHandleExW
InterlockedCompareExchange
WriteConsoleInputA
BackupSeek
GetWindowsDirectoryA
FindActCtxSectionStringA
GetDriveTypeA
GlobalAlloc
LoadLibraryW
ReadFileScatter
DnsHostnameToComputerNameW
GetConsoleAliasW
GetFileAttributesW
GetModuleFileNameW
GetSystemDirectoryA
CompareStringW
GetDevicePowerState
GetPrivateProfileSectionNamesW
GetConsoleOutputCP
OpenMutexW
GetProcAddress
GetComputerNameExW
RemoveDirectoryA
GetFirmwareEnvironmentVariableW
SearchPathA
ResetEvent
LoadLibraryA
LocalAlloc
GetFileType
BuildCommDCBAndTimeoutsW
AddAtomA
EnumResourceTypesW
FindNextFileA
FindFirstVolumeMountPointA
GetModuleHandleA
SetLocaleInfoW
ContinueDebugEvent
GetStringTypeW
RequestWakeupLatency
GetCurrentThreadId
SetCalendarInfoA
GetVersionExA
DeleteFileW
EnumSystemLocalesA
GetLocaleInfoA
DeactivateActCtx
GetDateFormatW
GetLastError
HeapFree
DeleteFileA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapCreate
HeapDestroy
EnterCriticalSection
LeaveCriticalSection
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
SetHandleCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
GetLocaleInfoW
HeapAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringW
MultiByteToWideChar
SetFilePointer
IsProcessorFeaturePresent
HeapSize
CloseHandle
WriteConsoleW
SetStdHandle
CreateFileW
GetUserDefaultLCID
IsValidLocale

user32

LoadMenuW

advapi32

ReportEventW

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 194KB - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b4c2079291f93d40bf236182e3f20f3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 86KB - Virtual size: 86KB

.data Size: 194KB - Virtual size: 3.9MB

.rsrc Size: 69KB - Virtual size: 69KB

.text
Size: 86KB - Virtual size: 86KB

.data
Size: 194KB - Virtual size: 3.9MB

.rsrc
Size: 69KB - Virtual size: 69KB