4939b61eb011cc10deba126cd09a2106b7ed7c1e41895c00a3de388ca1c5348d

Sharing

Copy URL

Twitter E-mail

General

Target

4939b61eb011cc10deba126cd09a2106b7ed7c1e41895c00a3de388ca1c5348d
Size

405KB
MD5

d7e0c89bbb42aef8d64f97a0efb6b1b0
SHA1

1600e95f0b4c4dd545adcaefe2ffb1c93eb89989
SHA256

4939b61eb011cc10deba126cd09a2106b7ed7c1e41895c00a3de388ca1c5348d
SHA512

4b46b5e8ca257e6c51e218cb7c6ce17919a11ea9567868bfe02b22352752ec50e716804a1cce31c6fe26db55135728614353e8491cb81e15eae7a238b7514c21
SSDEEP

6144:YdMYjx+XvyR8UpXpZq3EJ0bB2RhFVtce14ZojUvp:y9j38EXXq3EJ0bIt1WWUvp

Score

N/A

Malware Config

Signatures

Files

4939b61eb011cc10deba126cd09a2106b7ed7c1e41895c00a3de388ca1c5348d
.exe windows x86

33dc3ddfb214fa88749ef49e0e5177c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
FindFirstFileA
OpenMutexA
LocalAlloc
FindNextFileA
VirtualProtect
GetCurrentDirectoryA
CreateProcessA
TlsAlloc
CloseHandle
GetTempPathA
SetStdHandle
SetFilePointerEx
GetConsoleMode
Sleep
GetCurrentThreadId
TlsSetValue
GetConsoleCP
FlushFileBuffers
GetStringTypeW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
HeapAlloc
HeapQueryInformation
HeapSize
HeapReAlloc
HeapFree
GetCPInfo
GetOEMCP
IsValidCodePage
WriteConsoleW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
GetCommandLineA
RaiseException
RtlUnwind
GetModuleFileNameW
GetModuleHandleExW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsGetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
IsDebuggerPresent
IsProcessorFeaturePresent
GetStdHandle
GetFileType
GetLastError
ExitProcess
MultiByteToWideChar
WideCharToMultiByte
HeapValidate
GetSystemInfo
WriteFile
GetACP
GetProcessHeap
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
OutputDebugStringW
WaitForSingleObjectEx
CreateThread
LoadLibraryExW
OutputDebugStringA
CreateFileW

ole32

OleInitialize
OleCreate

aclui

ord2
ord1

hlink

ord3
ord27
ord12
ord10
ord24
ord15
ord11
ord26
ord16
ord32
ord8
ord6
ord22
ord23
ord21
ord9
ord18
ord7
ord4
ord20

Sections

.text
Size: 259KB - Virtual size: 258KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 1020KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33dc3ddfb214fa88749ef49e0e5177c0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

aclui

hlink

Sections

.text Size: 259KB - Virtual size: 258KB

.data Size: 8KB - Virtual size: 1020KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 122KB - Virtual size: 122KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 259KB - Virtual size: 258KB

.data
Size: 8KB - Virtual size: 1020KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 122KB - Virtual size: 122KB

.reloc
Size: 12KB - Virtual size: 11KB