83c8cf680a422057fa43523929ee0f975858d3f91c8502b4b3c4be97b85c70c6

Sharing

Copy URL Twitter E-mail

General

Target

83c8cf680a422057fa43523929ee0f975858d3f91c8502b4b3c4be97b85c70c6
Size

518KB
MD5

cede3f4e92461a8bba97576b163b9c23
SHA1

05004684dade93c2e77c850ba291760a9ac097fc
SHA256

83c8cf680a422057fa43523929ee0f975858d3f91c8502b4b3c4be97b85c70c6
SHA512

127b1b6c155e7eaaacdfd00ae90981559da7c13df800333d473455ab91930ede82f7905eb9c00f7fa22cc90ae1a7f1027cd6df1e59b9f8825b79b1d56da5bb18
SSDEEP

12288:G7meMcRe1g7qdgN9ZzuRhZU+AyvscHz6HsJlei9zo:m0cReKGcf8cyXz6MTI

Score

N/A

Malware Config

Signatures

Files

83c8cf680a422057fa43523929ee0f975858d3f91c8502b4b3c4be97b85c70c6
.exe windows x86

248dbe4d6cd3b07dc4ec9d3e84540d7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

RealShellExecuteExW
SHChangeNotify
DragQueryFileA
SHGetPathFromIDListA

kernel32

GetModuleFileNameA
GetTimeZoneInformation
HeapReAlloc
HeapAlloc
GetOEMCP
FreeLibrary
SetLastError
GetStringTypeW
GetProcAddress
EnumSystemLocalesA
GetProcessHeap
FlushFileBuffers
CreateMutexA
VirtualFree
ExitProcess
WriteConsoleW
TlsAlloc
OpenMutexA
GetACP
HeapCreate
GetCurrentThreadId
LeaveCriticalSection
TlsSetValue
InterlockedExchange
GetCommandLineW
UnhandledExceptionFilter
IsValidLocale
TlsGetValue
HeapDestroy
GetEnvironmentStringsW
GetLocaleInfoW
DeleteCriticalSection
Sleep
GetSystemTimeAsFileTime
GetConsoleCP
RtlUnwind
TlsFree
MultiByteToWideChar
LCMapStringW
CreateFileA
CompareStringW
CloseHandle
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetLocaleInfoA
GetVersionExA
CompareStringA
ReadFile
TerminateProcess
FreeEnvironmentStringsA
GetDateFormatA
GetUserDefaultLCID
IsValidCodePage
InterlockedIncrement
InitializeCriticalSection
VirtualQuery
GetStringTypeA
GetStdHandle
LoadResource
SetFilePointer
LoadLibraryA
SetStdHandle
GetTimeFormatA
WideCharToMultiByte
EnterCriticalSection
GetConsoleOutputCP
WriteConsoleA
GetFileType
GetConsoleMode
GetCurrentThread
GetTickCount
GetStartupInfoA
HeapFree
GetEnvironmentStrings
GetCurrentProcess
LCMapStringA
QueryPerformanceCounter
HeapSize
FreeEnvironmentStringsW
GetModuleFileNameW
SetConsoleCtrlHandler
WriteFile
GetModuleHandleA
SetEnvironmentVariableA
GetCommandLineA
GetStartupInfoW
VirtualAlloc
GetLastError
InterlockedDecrement
SetHandleCount
GetCurrentProcessId

user32

GetWindowModuleFileNameA
UnloadKeyboardLayout
CallMsgFilterW
RegisterClassA
CreateWindowExW
ShowWindow
EnumDesktopsA
RegisterClassExA
DdeUninitialize
MessageBoxW

advapi32

InitiateSystemShutdownA
LookupAccountNameW

comdlg32

GetFileTitleW

comctl32

DrawInsert
CreateStatusWindowA
InitCommonControlsEx
ImageList_Replace

Sections

.text
Size: 337KB - Virtual size: 337KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

248dbe4d6cd3b07dc4ec9d3e84540d7f

Headers

File Characteristics

Imports

shell32

kernel32

user32

advapi32

comdlg32

comctl32

Sections

.text Size: 337KB - Virtual size: 337KB

.rdata Size: 47KB - Virtual size: 57KB

.data Size: 116KB - Virtual size: 115KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 337KB - Virtual size: 337KB

.rdata
Size: 47KB - Virtual size: 57KB

.data
Size: 116KB - Virtual size: 115KB

.rsrc
Size: 16KB - Virtual size: 16KB