41c35a69a2313fec2dbf6b2ba8813a5e3ee3adf6a48491ca2b7b9a0110e54adf

Sharing

Copy URL

Twitter E-mail

General

Target

41c35a69a2313fec2dbf6b2ba8813a5e3ee3adf6a48491ca2b7b9a0110e54adf
Size

231KB
MD5

1d364a0c31c32d46b5efe2598125818f
SHA1

11404f54bd4a3168a152b9af177f13bc481fa576
SHA256

41c35a69a2313fec2dbf6b2ba8813a5e3ee3adf6a48491ca2b7b9a0110e54adf
SHA512

3e39a071666b0f6c00c86a445e401898b22bf2de99e8c632a89032364620acef8bc016dce0bd522172421f1b97197ef7e673c4e840b41c37ca4a029753c82fe8
SSDEEP

6144:LzsmvRXAMkWt980C0yvGW1KyG9zYc+thBP/9XzyFx:c2RXJ/uEZW1K55iBP/1zyFx

Score

N/A

Malware Config

Signatures

Files

41c35a69a2313fec2dbf6b2ba8813a5e3ee3adf6a48491ca2b7b9a0110e54adf
.exe windows x86

5f0fe166f13dd41f82c42ecd3cc6c6bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMailslotA
MapViewOfFile
lstrlenA
TlsGetValue
GetModuleFileNameW
WriteProfileSectionA
GetTempPathA
SetDefaultCommConfigA
FindVolumeMountPointClose
IsDBCSLeadByte
DosDateTimeToFileTime
GetConsoleCP
SetConsoleOutputCP
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetStringTypeW
OutputDebugStringW
LocalFileTimeToFileTime
SetFileShortNameW
FlushFileBuffers
GetThreadContext
GetLastError
VirtualProtect
SetConsoleMode
LocalAlloc
HeapReAlloc
GetCPInfo
EncodePointer
DecodePointer
RaiseException
RtlUnwind
GetCommandLineA
IsProcessorFeaturePresent
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
HeapSize
SetLastError
GetCurrentThreadId
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsSetValue
TlsFree
GetModuleHandleW
IsDebuggerPresent
LCMapStringW
EnterCriticalSection
LeaveCriticalSection
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
CreateFileW

user32

SetDlgItemInt
RemovePropA
GetPropA
AppendMenuA
HiliteMenuItem
LoadAcceleratorsW

gdi32

PolyDraw
ResetDCW
TranslateCharsetInfo
GetGlyphOutlineA
CreateICW
AddFontResourceA
SetICMProfileA

ole32

IIDFromString

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f0fe166f13dd41f82c42ecd3cc6c6bb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

ole32

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 6KB - Virtual size: 7.1MB

.rsrc Size: 140KB - Virtual size: 140KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 6KB - Virtual size: 7.1MB

.rsrc
Size: 140KB - Virtual size: 140KB

.reloc
Size: 5KB - Virtual size: 4KB