45d61c423e5687cb497e4781a2fd8bbf113da59184e599e85c1fcbdafb7bc2d1

Sharing

Copy URL

Twitter E-mail

General

Target

45d61c423e5687cb497e4781a2fd8bbf113da59184e599e85c1fcbdafb7bc2d1
Size

460KB
MD5

c553db1d551dab2f852a64c188509485
SHA1

edb5eae1a3489e7c2fef813db355392d7ffa53a9
SHA256

45d61c423e5687cb497e4781a2fd8bbf113da59184e599e85c1fcbdafb7bc2d1
SHA512

18a62df4f48afca127c6086a93bc97734d29db227eb064b5963b895d6fa0bb23f4f618ca302e218f106b5e09ab473e8546ad7bc9e458cb0295f9d5af18b73dcc
SSDEEP

6144:+1MrjA2dherrrjau2/hn8Kner52akgPe1KxeRXCBzVWsiS+bOllllllllllllll3:+1M42u3au/F5VkyARaiSAVNic76CS

Score

N/A

Malware Config

Signatures

Files

45d61c423e5687cb497e4781a2fd8bbf113da59184e599e85c1fcbdafb7bc2d1
.exe windows x86

12676826218dd5f3bec3745d596fbd3f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
WriteFile
CreateFileA
ReadFile
GetFileSize
DeleteFileA
SetFilePointer
GetTickCount
Sleep
SetEndOfFile
WritePrivateProfileStringA
GetModuleFileNameA
GetCommandLineA
FreeLibrary
GetProcAddress
RtlMoveMemory
GetExitCodeThread
CreateRemoteThread
VirtualFreeEx
FlushFileBuffers
LoadLibraryA
VirtualAllocEx
CreateProcessA
CloseHandle
SetStdHandle
IsBadCodePtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
RaiseException
TerminateThread
LCMapStringA
CreateThread
GetTempPathA
GetSystemDirectoryA
GetWindowsDirectoryA
GetVersionExA
GetLastError
GetCurrentProcess
MultiByteToWideChar
WideCharToMultiByte
GetStartupInfoA
GetVersion
InterlockedDecrement
InterlockedIncrement
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
LCMapStringW
VirtualAlloc
IsBadWritePtr

user32

CallWindowProcA
MessageBoxA
DialogBoxParamA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
GetDlgItem

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey

shell32

SHGetSpecialFolderPathA
ShellExecuteA

wininet

InternetOpenA
InternetConnectA
InternetCloseHandle
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetSetCookieA

shlwapi

PathFileExistsA

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 240KB - Virtual size: 319KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

12676826218dd5f3bec3745d596fbd3f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

wininet

shlwapi

Sections

.text Size: 124KB - Virtual size: 123KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 240KB - Virtual size: 319KB

.rsrc Size: 20KB - Virtual size: 17KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 240KB - Virtual size: 319KB

.rsrc
Size: 20KB - Virtual size: 17KB

.rmnet
Size: 60KB - Virtual size: 60KB