5cb6df0b6eebbf70c7a86eb602175f2a753d52fcbf4eaba84d50a9c2db053eed

Sharing

Copy URL

Twitter E-mail

General

Target

5cb6df0b6eebbf70c7a86eb602175f2a753d52fcbf4eaba84d50a9c2db053eed
Size

283KB
MD5

a74a4396370e85da61252648d7f58a67
SHA1

c1074d8441726523bde755fe91bf9d19616d9942
SHA256

5cb6df0b6eebbf70c7a86eb602175f2a753d52fcbf4eaba84d50a9c2db053eed
SHA512

b6e81b54abf88f5b712f0c3523c7214810ab713877c960635e20d6401c2a9446c9096e5653d243ffc35e7c67bf34e4479aee4c422b84eb5c41b835476eec121d
SSDEEP

6144:5/xAE9uhXTTNmDjzrvvQHtzLatsGHGhDyGbGjjqbW/BX:r9uVTNm3fAHiIW/

Score

N/A

Malware Config

Signatures

Files

5cb6df0b6eebbf70c7a86eb602175f2a753d52fcbf4eaba84d50a9c2db053eed
.exe windows x86

a51119f32d0e30579e1b4702fec2dc30

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
SetProcessShutdownParameters
GetProcessShutdownParameters
GetStartupInfoW
GetProcessVersion
LoadLibraryA
GetACP
GetSystemTimes
FillConsoleOutputCharacterA
GetTickCount
FindFirstChangeNotificationA
LoadLibraryW
HeapSize
GetProcAddress
Sleep
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
MultiByteToWideChar
LCMapStringW
WideCharToMultiByte
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
ExitThread
EnumTimeFormatsW
AddAtomW
GetLastError
FindResourceExA
FreeEnvironmentStringsW
SetLastError
GlobalFree
GetModuleFileNameW
GetStdHandle
WriteFile
HeapReAlloc
ExitProcess
HeapFree
RtlUnwind
RaiseException
GetCommandLineW
HeapSetInformation
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
HeapCreate
IsProcessorFeaturePresent
HeapAlloc

user32

PeekMessageA
GetRegisteredRawInputDevices
GetClipboardSequenceNumber
LoadCursorFromFileA
LoadImageW
LoadKeyboardLayoutA
ScrollWindow
UpdateWindow
LookupIconIdFromDirectory
LoadIconW
MapVirtualKeyExA
MapWindowPoints
CloseClipboard
DefDlgProcA
RealGetWindowClassA
UserHandleGrantAccess
GetMessageExtraInfo
GetUpdateRect
SendDlgItemMessageA
GetNextDlgGroupItem
GetNextDlgTabItem
SetParent
DlgDirSelectExA
LoadBitmapA
MapVirtualKeyA

gdi32

CreateDiscardableBitmap
SetViewportOrgEx
SetStretchBltMode

advapi32

ClearEventLogW
BackupEventLogW
OpenServiceW
ChangeServiceConfigW

shell32

DragFinish
FindExecutableW
ShellExecuteW
DragQueryFileA

Exports

Exports

_MyFunc1@4

Sections

.text
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mysec4
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a51119f32d0e30579e1b4702fec2dc30

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Exports

Exports

Sections

.text Size: 127KB - Virtual size: 127KB

.data Size: 29KB - Virtual size: 142KB

.mysec4 Size: 1024B - Virtual size: 4KB

.rsrc Size: 118KB - Virtual size: 118KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 127KB - Virtual size: 127KB

.data
Size: 29KB - Virtual size: 142KB

.mysec4
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 118KB - Virtual size: 118KB

.reloc
Size: 5KB - Virtual size: 5KB