4a50407aa5853e81c080bb645275d056[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

4a50407aa5853e81c080bb645275d056.exe
Size

386KB
MD5

4a50407aa5853e81c080bb645275d056
SHA1

da95b3398334929fbe7823386fdf5e8eddc3a485
SHA256

f8e0071b5a217e2caf3193ff532db9cdff04a9bb61090518204d46e05f8d3ec3
SHA512

f587ad89a7d3e1e4834dbe36364bd0be29d9d9b3ba2ba05fa6359ce0d1d7add860f6eefa1f425f547346b907c85e5f8f31a426dac6fd5dc9874ba6068893193d
SSDEEP

6144:XmuzKePuOXWsmZ/bT3yRkumDsuAcO0v+8ZH3QtQDbjRr9oDrx:W1eGiWswjT39ZsuO0v+8dQtQdr9oR

Score

N/A

Malware Config

Signatures

Files

4a50407aa5853e81c080bb645275d056.exe
.exe windows x86

69bb0e5c230d96929eef75f6144d2cd7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalSize
WriteConsoleInputA
EnumDateFormatsA
CopyFileExW
DnsHostnameToComputerNameA
VerifyVersionInfoA
FindNextFileW
VirtualUnlock
LockFile
GetProfileSectionW
RequestWakeupLatency
SetProcessPriorityBoost
GlobalGetAtomNameW
DeleteFileA
FindNextVolumeMountPointA
TlsSetValue
LoadResource
WriteConsoleInputW
GetConsoleTitleA
GetComputerNameExW
OpenEventA
CallNamedPipeW
GetModuleHandleA
GetSystemDirectoryA
GetDriveTypeA
BuildCommDCBAndTimeoutsW
GetProcAddress
GetShortPathNameA
ReleaseActCtx
GetCommandLineW
InterlockedIncrement
GetConsoleTitleW
CopyFileW
CreateActCtxW
FormatMessageA
EnterCriticalSection
FindNextVolumeA
GetThreadSelectorEntry
LoadLibraryA
CreateNamedPipeA
GetSystemDefaultLCID
GetConsoleAliasesLengthW
WriteProfileSectionA
AddAtomW
InterlockedDecrement
HeapFree
_hread
InterlockedExchangeAdd
GetStartupInfoA
CreateMailslotA
GetCPInfoExA
GetSystemWow64DirectoryW
GetLastError
GetPrivateProfileIntA
GetConsoleAliasExesLengthW
WaitForDebugEvent
EndUpdateResourceA
SetLastError
ExitThread
GetACP
lstrcatW
GetConsoleAliasA
GetDiskFreeSpaceExA
DefineDosDeviceW
CreateIoCompletionPort
EnumResourceLanguagesW
GetCPInfoExW
SetConsoleTextAttribute
SetInformationJobObject
WriteConsoleW
SetCriticalSectionSpinCount
GetComputerNameW
EnumSystemLocalesA
WritePrivateProfileSectionA
WritePrivateProfileStructA
GetPrivateProfileSectionNamesW
FileTimeToSystemTime
GlobalMemoryStatus
SetTapeParameters
lstrcmpW
SetEvent
FreeLibrary
FindResourceW
SetCommState
FormatMessageW
InterlockedCompareExchange
CreateFiber
GetConsoleFontSize
MoveFileA
LocalAlloc
SetFileShortNameW
lstrcpyA
HeapQueryInformation
SetCalendarInfoW
SetComputerNameW
GetConsoleAliasesW
EnumDateFormatsExA
GetConsoleOutputCP
GetStdHandle
GetLocalTime
GetStringTypeA
FindActCtxSectionStringA
FreeEnvironmentStringsA
GetModuleHandleExW
LoadLibraryW
GetBinaryTypeA
GetFileAttributesA
GetSystemWindowsDirectoryW
LocalFlags
GetSystemTimeAdjustment
SetProcessShutdownParameters
lstrcpynA
GlobalWire
FillConsoleOutputCharacterA
GetCompressedFileSizeA
GetFullPathNameA
ReadConsoleW
FreeUserPhysicalPages
WriteConsoleOutputCharacterA
OpenJobObjectA
CreateFileW
DeleteTimerQueueTimer
SetCurrentDirectoryW
GetNamedPipeHandleStateA
TerminateProcess
GetNamedPipeHandleStateW
CreateFileA
WideCharToMultiByte
RaiseException
GetCommandLineA
HeapValidate
IsBadReadPtr
DeleteCriticalSection
LeaveCriticalSection
GetModuleFileNameW
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetOEMCP
GetCPInfo
IsValidCodePage
TlsGetValue
GetModuleHandleW
TlsAlloc
GetCurrentThreadId
TlsFree
SetFilePointer
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
ExitProcess
GetModuleFileNameA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
WriteFile
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
RtlUnwind
InitializeCriticalSectionAndSpinCount
DebugBreak
OutputDebugStringA
OutputDebugStringW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeW
GetLocaleInfoA
SetStdHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
WriteConsoleA
CloseHandle

user32

LoadMenuW
CharUpperW
GetMenuInfo

gdi32

SelectObject

msimg32

AlphaBlend

Sections

.text
Size: 198KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boropir
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jimomo
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gobayi
Size: 512B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69bb0e5c230d96929eef75f6144d2cd7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

Sections

.text Size: 198KB - Virtual size: 197KB

.data Size: 137KB - Virtual size: 166KB

.boropir Size: 1024B - Virtual size: 1024B

.jimomo Size: 1024B - Virtual size: 1024B

.gobayi Size: 512B - Virtual size: 150B

.rsrc Size: 47KB - Virtual size: 47KB

.text
Size: 198KB - Virtual size: 197KB

.data
Size: 137KB - Virtual size: 166KB

.boropir
Size: 1024B - Virtual size: 1024B

.jimomo
Size: 1024B - Virtual size: 1024B

.gobayi
Size: 512B - Virtual size: 150B

.rsrc
Size: 47KB - Virtual size: 47KB