d01601e8b00335e2eeb56fb5746038b59be955e023b6a758c39b11770f9fe7eb

Sharing

Copy URL

Twitter E-mail

General

Target

d01601e8b00335e2eeb56fb5746038b59be955e023b6a758c39b11770f9fe7eb
Size

608KB
MD5

38bac92c768fe8e7713c4dd32bfdcf55
SHA1

bcfef98e22a6ff49b6bd161d56efaec075dd70ed
SHA256

d01601e8b00335e2eeb56fb5746038b59be955e023b6a758c39b11770f9fe7eb
SHA512

66c1a6fb64aa2cdb32aa837a22e8c2918e0b5f20482cd93b917d6f611beeb1b010d0157e98e371eb903d4ed720daafe1c831c4e0957a998bbb9748f732f31328
SSDEEP

12288:bW1vNHVeOWIy7p/+J+tPYuMnQOwDKxw1LAc0RS:bW1vR07pWewuGQO6YoOI

Score

1^/10

Malware Config

Signatures

Files

d01601e8b00335e2eeb56fb5746038b59be955e023b6a758c39b11770f9fe7eb
.exe windows x86

7e0560e59b96751830f6997ebd14a578

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
MultiByteToWideChar
FindNextFileW
GetCurrentProcess
TerminateProcess
FindClose
CreateFileW
CloseHandle
GetLastError
GetProcAddress
GetModuleHandleW
GetSystemInfo
EnterCriticalSection
WriteFile
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetCurrentThreadId
WideCharToMultiByte
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
HeapSize
InitializeCriticalSectionEx
GetModuleFileNameW
SetLastError
HeapFree
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
HeapQueryInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetFilePointerEx
WriteConsoleW
GetFileType
GetCommandLineW
GetCommandLineA
GetStdHandle
ExitProcess
HeapValidate
GetModuleHandleExW
VirtualQuery
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
OutputDebugStringW
IsDebuggerPresent
GetCPInfo
GetStringTypeW
LCMapStringEx
LocalFree
EncodePointer

user32

SendMessageTimeoutW
FindWindowW

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

ole32

CoCreateInstance
CLSIDFromProgID
CoInitializeEx
CoUninitialize

oleaut32

VariantClear
SysFreeString
SysAllocString

ws2_32

WSAStartup
WSACleanup

shlwapi

PathStripPathW
SHGetValueW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

Sections

.text
Size: 357KB - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e0560e59b96751830f6997ebd14a578

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

ws2_32

shlwapi

version

Sections

.text Size: 357KB - Virtual size: 356KB

.rdata Size: 127KB - Virtual size: 126KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 101KB - Virtual size: 101KB

.reloc Size: 18KB - Virtual size: 17KB

.text
Size: 357KB - Virtual size: 356KB

.rdata
Size: 127KB - Virtual size: 126KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 101KB - Virtual size: 101KB

.reloc
Size: 18KB - Virtual size: 17KB