425b9cd4f233bf9c68bf2f965717e36348911ea057d3792ebc862caea077bf27

Sharing

Copy URL

Twitter E-mail

General

Target

425b9cd4f233bf9c68bf2f965717e36348911ea057d3792ebc862caea077bf27
Size

210KB
MD5

4a664f5bfd63570f209fa6cf42467eaf
SHA1

bd61a99af933bde5d4c341520e30b62034139c7c
SHA256

425b9cd4f233bf9c68bf2f965717e36348911ea057d3792ebc862caea077bf27
SHA512

62c17b99f91ede151fbd328ff7203efdc4cee1f11207f029b85065bacc426c9c585a4f7fd3fb970d1ff679367852cedff8fe2f7641873bf9ed43d9144a95b232
SSDEEP

3072:cB3kL9cpT4rSeLL+I7c+cis50HZ5Qv+mPDfHHAEV:cWuTcXLL+I7c+cYHZem6DzV

Score

N/A

Malware Config

Signatures

Files

425b9cd4f233bf9c68bf2f965717e36348911ea057d3792ebc862caea077bf27
.exe windows x86

4db0b0ad55d8845c1f09c0c109675a3f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextVolumeMountPointA
GetModuleHandleW
GetCurrentProcessId
VirtualAlloc
WriteProfileSectionA
AddAtomW
WaitForSingleObject
VirtualProtect
GetNativeSystemInfo
SetFileAttributesW
FreeEnvironmentStringsW
WriteConsoleW
ResetEvent
WriteConsoleInputA
IsProcessInJob
GetConsoleOutputCP
WriteConsoleA
GetProcessHeap
SetEndOfFile
SetStdHandle
InterlockedIncrement
InterlockedDecrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapFree
GetStartupInfoW
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapAlloc
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapCreate
VirtualFree
HeapReAlloc
ExitProcess
WriteFile
GetModuleFileNameA
GetModuleFileNameW
GetEnvironmentStringsW
GetCommandLineW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
ReadFile
InitializeCriticalSectionAndSpinCount
CloseHandle
CreateFileA
LoadLibraryA
GetLocaleInfoW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer

user32

DrawCaption

gdi32

FillPath
DrawEscape

winspool.drv

DeviceCapabilitiesA

ole32

CreateFileMoniker
GetHGlobalFromStream

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mysec
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4db0b0ad55d8845c1f09c0c109675a3f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

ole32

Sections

.text Size: 86KB - Virtual size: 86KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 41KB - Virtual size: 51KB

.mysec Size: 512B - Virtual size: 4B

.rsrc Size: 57KB - Virtual size: 57KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 86KB - Virtual size: 86KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 41KB - Virtual size: 51KB

.mysec
Size: 512B - Virtual size: 4B

.rsrc
Size: 57KB - Virtual size: 57KB

.reloc
Size: 7KB - Virtual size: 6KB