cfe813445fccb796b49151f6a50521d606e8006b2c42c220a51e0c9bfd79ce6e

Sharing

Copy URL Twitter E-mail

General

Target

cfe813445fccb796b49151f6a50521d606e8006b2c42c220a51e0c9bfd79ce6e
Size

348KB
MD5

1582194e9049efdea38b7199bb4f202f
SHA1

03939455a0de232d0025f9964ef0db3d8a6fa5bb
SHA256

cfe813445fccb796b49151f6a50521d606e8006b2c42c220a51e0c9bfd79ce6e
SHA512

d0a8c1f0500d829a0a930a13b1a25822ec159be359d49d53f60e2b0022bc48b536d138bc976cc3293c4e5d5561a26ccd6eeccb60935fd2b84e2806b4097a95bc
SSDEEP

6144:sKz7qBVeo853ypLo+hgP8Z9h2IPNDWLEqmNdg7ARpNY/h9Pe+qnFVxUO:syqbyQp0+m0ZiI1WLEzs7IYqnFVxU

Score

N/A

Malware Config

Signatures

Files

cfe813445fccb796b49151f6a50521d606e8006b2c42c220a51e0c9bfd79ce6e
.exe windows x86

9eaed84f1e235164c7ce7aa0f6d43db4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
VirtualAlloc
GetComputerNameA
SetUnhandledExceptionFilter
HeapCreate
FreeEnvironmentStringsW
LoadResource
ReadConsoleInputW
LocalHandle
GetOEMCP
GetEnvironmentStrings
GetEnvironmentStringsW
LoadLibraryExA
SetLastError
LeaveCriticalSection
GetLocaleInfoW
IsDebuggerPresent
GetStdHandle
CreateFileA
InterlockedDecrement
GetConsoleCP
GetLocaleInfoA
LCMapStringA
ReadFile
GetStringTypeW
RemoveDirectoryW
GetCurrentProcessId
GetModuleFileNameW
MultiByteToWideChar
GetSystemTimeAsFileTime
GetStartupInfoW
SetHandleCount
TlsFree
SetFilePointer
SetStdHandle
DeleteCriticalSection
DeleteFileW
FlushFileBuffers
CompareStringA
GetTickCount
HeapAlloc
RtlUnwind
GetCommandLineW
EnterCriticalSection
WideCharToMultiByte
CreateNamedPipeA
GetUserDefaultLCID
GetConsoleCursorInfo
SetConsoleCtrlHandler
lstrcmp
GetPrivateProfileSectionNamesA
InterlockedExchange
IsValidCodePage
EnumSystemLocalesA
SetConsoleCursorInfo
GetProcAddress
WriteConsoleW
GetCPInfo
GetStringTypeA
IsValidLocale
WriteFile
GetDateFormatA
Sleep
GetFileType
VirtualFree
GetACP
LoadLibraryA
QueryPerformanceCounter
GetTimeFormatA
CloseHandle
VirtualProtectEx
InitializeCriticalSectionAndSpinCount
TlsSetValue
GetCurrentThread
TlsGetValue
InterlockedIncrement
GetStartupInfoA
GetCommandLineA
FileTimeToDosDateTime
SetEnvironmentVariableA
HeapSize
GetCurrentThreadId
TerminateProcess
ExitProcess
CreateMutexA
GetConsoleOutputCP
GetProfileStringW
WaitForDebugEvent
EnumCalendarInfoW
VirtualQuery
OpenMutexA
CompareStringW
TlsAlloc
GetConsoleMode
HeapDestroy
HeapReAlloc
HeapFree
WriteConsoleA
GetModuleFileNameA
GetModuleHandleW
GetCurrentProcess
UnhandledExceptionFilter
GetTimeZoneInformation
GetLastError
FreeLibrary
GetModuleHandleA
LCMapStringW

comctl32

InitCommonControlsEx

user32

DdeGetLastError
IsDialogMessageA
SetWindowsHookA
CreateMDIWindowW
RegisterClassA
ChangeMenuA
RegisterClassExA
PtInRect
CharNextW
MapDialogRect
VkKeyScanExW
SetCaretPos
MessageBoxExA
TrackPopupMenu
EnumDisplaySettingsExW
DlgDirListW
CreateWindowStationW
GetNextDlgTabItem
IsCharUpperA
CreateIcon
DefWindowProcW

Sections

.text
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9eaed84f1e235164c7ce7aa0f6d43db4

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 158KB - Virtual size: 158KB

.rdata Size: 10KB - Virtual size: 26KB

.data Size: 174KB - Virtual size: 174KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 158KB - Virtual size: 158KB

.rdata
Size: 10KB - Virtual size: 26KB

.data
Size: 174KB - Virtual size: 174KB

.rsrc
Size: 4KB - Virtual size: 3KB