c638ca420ec0b43b688f428a278564f42d15ddb124b15f6a1b56f0ed8988fd02

Sharing

Copy URL Twitter E-mail

General

Target

c638ca420ec0b43b688f428a278564f42d15ddb124b15f6a1b56f0ed8988fd02
Size

23KB
MD5

a8569f1595bda19abcbbb47f68af59b4
SHA1

18c5cd37315f0044c1ae11d89abcf8618ca1d378
SHA256

c638ca420ec0b43b688f428a278564f42d15ddb124b15f6a1b56f0ed8988fd02
SHA512

57033a33364ccc8d30e3dd81bd0be8ce626af086dc83eb3575cdecdbf216844edb136992b097e5c72f5f12b78a70b70fef02ce397586aaf70eac862c7581983c
SSDEEP

384:65xqLlCrTJywOuMuELX+KCYI7wVp/kHfDLaCE9nFzsP2UXp/BSSg7BCNn6nR6E+:6TolC8wOz/tCoVpkfiCE9nRaP/BSSUY4

Score

N/A

Malware Config

Signatures

Files

c638ca420ec0b43b688f428a278564f42d15ddb124b15f6a1b56f0ed8988fd02
.exe windows x86

258eff5224182c35e95ca51e27599ed4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
LoadLibraryA
GetSystemTimeAsFileTime
SizeofResource
CloseHandle
LCMapStringW
TlsGetValue
GlobalFree
MulDiv
GetModuleFileNameA
VirtualProtect
HeapAlloc
TlsFree
InterlockedIncrement
GetVersion
RtlUnwind
FormatMessageA
WriteConsoleW
LoadLibraryExA
MultiByteToWideChar
GetLocalTime
DeleteCriticalSection
SetEndOfFile
CreateFileW
GetLocaleInfoW
GetSystemDirectoryA
ExitProcess
SetEvent
LoadLibraryExW
GetComputerNameW
SetFilePointer
GetCurrentThreadId
GetSystemDefaultLCID
DisableThreadLibraryCalls
OutputDebugStringA
GetTickCount
GetLastError
GetFileSize
SetHandleCount
FreeLibrary
GetEnvironmentStrings
InterlockedCompareExchange
GetModuleFileNameW
QueryPerformanceCounter
TlsSetValue
LoadResource
GetStdHandle
CreateFileA
CreateEventA
UnhandledExceptionFilter
GlobalAlloc
HeapFree
GetConsoleMode
GetCommandLineA
HeapSize
GetModuleHandleA
HeapDestroy
GetEnvironmentVariableA
GetProcAddress
GetFileType
GetCurrentProcess
RaiseException
GetStartupInfoA
FlushFileBuffers
DeleteFileW
WaitForSingleObject
CompareStringA
GetStringTypeA
GetCurrentDirectoryW
ResetEvent
LeaveCriticalSection
InterlockedExchange

user32

GetSystemMetrics
GetCapture
OffsetRect
CharNextA
GetDlgItem
LoadIconA
TranslateMessage
IsDialogMessageW
RegisterClassW
PostQuitMessage
SetRectEmpty
RegisterClassExW
InvalidateRect
GetWindowLongA
ReleaseDC
EnumChildWindows
LoadStringW
BeginPaint
GetNextDlgTabItem
GetParent
MessageBeep
FillRect
GetDlgCtrlID
IsDialogMessageA

msvcrt

_wtoi
atoi
??_U@YAPAXI@Z
__dllonexit
_iob
_amsg_exit
??1type_info@@UAE@XZ
_lock
??3@YAXPAX@Z
_adjust_fdiv
?terminate@@YAXXZ
_controlfp
memset

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

258eff5224182c35e95ca51e27599ed4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 3KB - Virtual size: 7KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 3KB - Virtual size: 7KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 3KB - Virtual size: 3KB