7df4c83794180ad97690320d2076717026a61268f87f555aec3f444bb79bc4a4

Sharing

Copy URL Twitter E-mail

General

Target

7df4c83794180ad97690320d2076717026a61268f87f555aec3f444bb79bc4a4
Size

626KB
MD5

b0d93a19b2753eb21e3cff48be80173a
SHA1

d26f4e9ff5b362fb7640e1cd266079e2e9f24144
SHA256

7df4c83794180ad97690320d2076717026a61268f87f555aec3f444bb79bc4a4
SHA512

b7945f0017c4e9bcf46124b23bb841b53a619b3abb05da32c1e6bb5f1b78fd4e847b38560f67c971074317a608b3b6a4a37cd021a4336c2fe21d88521af47a44
SSDEEP

12288:1BgCamRKZp/vUIJSxbIj4S819DD54476pZ6hc9wCLl4/wc3uWiLec69hRxMjl6:1EmOJX4//r76TTFLOYc3H4e5LAl

Score

N/A

Malware Config

Signatures

Files

7df4c83794180ad97690320d2076717026a61268f87f555aec3f444bb79bc4a4
.exe windows x86

a5d218a4f8486f8a316cdd7bb8f05526

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
GetACP
LCMapStringA
FreeEnvironmentStringsA
RtlUnwind
GetUserDefaultLCID
FlushFileBuffers
GetCurrentProcess
GetStdHandle
VirtualAlloc
LoadLibraryW
IsValidCodePage
HeapReAlloc
GetModuleFileNameW
CloseHandle
GetLocaleInfoW
GetConsoleOutputCP
WriteFile
GetModuleFileNameA
GetDateFormatA
GetTimeZoneInformation
WriteConsoleW
GetFileType
GetTimeFormatA
WideCharToMultiByte
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetStringTypeA
GetConsoleMode
InterlockedDecrement
QueryPerformanceCounter
SetStdHandle
RaiseException
lstrlenA
OutputDebugStringW
SetHandleCount
GetConsoleCP
HeapAlloc
GetProcessHeap
HeapFree
EnumResourceNamesA
UnhandledExceptionFilter
GetCurrentProcessId
EnumSystemLocalesA
GetVersionExA
VirtualFree
SetEnvironmentVariableA
InitializeCriticalSection
GetCommandLineA
GetLastError
HeapCreate
GetCurrentThread
TlsFree
SetConsoleCtrlHandler
CompareStringW
FreeEnvironmentStringsW
TlsSetValue
TlsGetValue
TlsAlloc
EnterCriticalSection
LoadModule
OutputDebugStringA
WriteConsoleA
CreateFileA
GetCPInfo
HeapValidate
GetProcAddress
GetLocaleInfoA
GetOEMCP
FreeLibrary
IsValidLocale
InterlockedExchange
InterlockedIncrement
SetUnhandledExceptionFilter
GetStartupInfoA
VirtualQuery
SetLastError
SetFilePointer
FindFirstFileExW
LCMapStringW
GetCurrentThreadId
IsBadReadPtr
GlobalAddAtomA
TerminateProcess
GetEnvironmentStringsW
IsDebuggerPresent
CompareStringA
GetModuleHandleA
MultiByteToWideChar
GetStringTypeW
HeapDestroy
DebugBreak
ExitProcess
LeaveCriticalSection
DeleteCriticalSection

shell32

ExtractIconExA
SHQueryRecycleBinW
RealShellExecuteExA
FindExecutableA
SheGetDirA

comdlg32

GetSaveFileNameA
FindTextA
GetSaveFileNameW
PrintDlgW
ChooseFontA
GetOpenFileNameA
LoadAlterBitmap
GetOpenFileNameW
PageSetupDlgW

Sections

.text
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5d218a4f8486f8a316cdd7bb8f05526

Headers

File Characteristics

Imports

kernel32

shell32

comdlg32

Sections

.text Size: 305KB - Virtual size: 305KB

.data Size: 315KB - Virtual size: 314KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 305KB - Virtual size: 305KB

.data
Size: 315KB - Virtual size: 314KB

.rsrc
Size: 4KB - Virtual size: 4KB