b28fc9836a813d8b248224a3fd2a5e32[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

b28fc9836a813d8b248224a3fd2a5e32.exe
Size

352KB
MD5

b28fc9836a813d8b248224a3fd2a5e32
SHA1

0549eb66e64febe4805b63a303c806efc0c66816
SHA256

5c7a8f5ee1e39a49be7fa173ed0f3a447908c03d5dbde65669dcc483e19bad9b
SHA512

e06c9ad2495e27a66b0cd9d3bab1a2638e3faf30f7af4e063e29b1f7c34ff45a5bfccd400c53540fd8dd9785b268483908ba078852266040dc3ed7ec6ffce907
SSDEEP

6144:zEqICxfwtKIfJbqX9iCiIU/piylkKolYhTE7sZ5jz8A:WCxfwtK+qY7LkyoE5P

Score

N/A

Malware Config

Signatures

Files

b28fc9836a813d8b248224a3fd2a5e32.exe
.exe windows x86

8b6e0e2f782492d8551ab072360dccc4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetConsoleAliasesA
GetConsoleTitleA
InitializeCriticalSection
LoadLibraryW
LeaveCriticalSection
lstrcpynW
GetModuleFileNameW
ReleaseActCtx
SetLastError
GetLongPathNameA
MoveFileW
WriteProfileSectionA
InitializeSListHead
LoadLibraryA
WriteConsoleA
GetProcessWorkingSetSize
LocalAlloc
IsWow64Process
GetModuleFileNameA
EnumDateFormatsA
CreateIoCompletionPort
VirtualProtect
GetShortPathNameW
GetFileInformationByHandle
SetMailslotInfo
SetFileAttributesA
FreeLibrary
InterlockedIncrement
InterlockedDecrement
Sleep
DeleteCriticalSection
EnterCriticalSection
EncodePointer
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetLastError
HeapFree
RtlUnwind
HeapAlloc
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
HeapSize
GetProcAddress
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
RaiseException
WriteFile
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeW
MultiByteToWideChar
GetConsoleCP
GetConsoleMode
HeapReAlloc
SetStdHandle
LCMapStringW
WriteConsoleW
FlushFileBuffers
CreateFileW
CloseHandle

advapi32

ClearEventLogA

Sections

.text
Size: 290KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b6e0e2f782492d8551ab072360dccc4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 290KB - Virtual size: 289KB

.data Size: 26KB - Virtual size: 59KB

.rsrc Size: 28KB - Virtual size: 27KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 290KB - Virtual size: 289KB

.data
Size: 26KB - Virtual size: 59KB

.rsrc
Size: 28KB - Virtual size: 27KB

.reloc
Size: 7KB - Virtual size: 6KB