70f95be0a7035dd24ec29d91f3bf9db0d184760725f4742d2560e59d048221ea

Sharing

Copy URL

Twitter E-mail

General

Target

70f95be0a7035dd24ec29d91f3bf9db0d184760725f4742d2560e59d048221ea
Size

232KB
MD5

f8e7ddc24c5807eefb4c3a1d984c9649
SHA1

549870c8f3cc21b13bb78969ce6e8a1717c3255a
SHA256

70f95be0a7035dd24ec29d91f3bf9db0d184760725f4742d2560e59d048221ea
SHA512

bc5207ad0a9c5602eb401e38d92fbcf51f8fe90dd73ac27e33c1d71ae99b4ef34eb95a29093b5ce2b88377c367d0c189ed1e8a8c0176d7496d61ee940d9b392d

Score

N/A

Malware Config

Signatures

Files

70f95be0a7035dd24ec29d91f3bf9db0d184760725f4742d2560e59d048221ea
.exe windows x86

b20729a9fabd3d8bd61d1064a3293bc8

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddConsoleAliasW
LocalFlags
GetProcessHeap
ReadConsoleW
GlobalAlloc
GetPrivateProfileIntA
GetSystemDirectoryW
WideCharToMultiByte
LoadLibraryW
FreeConsole
SetVolumeMountPointA
GetVersionExW
WriteConsoleW
lstrlenW
ReplaceFileA
ReleaseActCtx
HeapFree
SetLastError
VirtualAlloc
GetAtomNameA
LoadLibraryA
SetConsoleCtrlHandler
GetModuleFileNameA
FindFirstChangeNotificationA
FreeEnvironmentStringsW
GetConsoleTitleW
VirtualProtect
GetCPInfoExA
SetCalendarInfoA
ReadConsoleA
GetStdHandle
GetDefaultCommConfigW
CloseHandle
CreateFileA
GetConsoleOutputCP
WriteConsoleA
HeapSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapAlloc
MultiByteToWideChar
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
GetLastError
WriteFile
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
HeapReAlloc
HeapCreate
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
SetFilePointer
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
FlushFileBuffers

user32

ChildWindowFromPoint

advapi32

GetOldestEventLogRecord

ole32

CoRevokeMallocSpy

winhttp

WinHttpCloseHandle

msimg32

AlphaBlend

Sections

.text
Size: 189KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b20729a9fabd3d8bd61d1064a3293bc8

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

winhttp

msimg32

Sections

.text Size: 189KB - Virtual size: 189KB

.data Size: 24KB - Virtual size: 209KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 189KB - Virtual size: 189KB

.data
Size: 24KB - Virtual size: 209KB

.rsrc
Size: 17KB - Virtual size: 16KB