efff3402a8b34c9052b42203bc042df79a887114c011bb2123cc8cef82ed9592

Sharing

Copy URL Twitter E-mail

General

Target

efff3402a8b34c9052b42203bc042df79a887114c011bb2123cc8cef82ed9592
Size

120KB
MD5

7488536cad79cae5bb71b56b5898fa93
SHA1

47601b84201e6edddf46d08304c0d452fe2b8716
SHA256

efff3402a8b34c9052b42203bc042df79a887114c011bb2123cc8cef82ed9592
SHA512

8a1e82de4d27137dd66d0e2cf50b4083e60af2849596b0806af29177bc2baffb9839f9ce581b1ab3dba31892e94defe12f62c34a8df07059762a836f65edcee0
SSDEEP

3072:iX0vd6BUGuQThQrbm/Pc20mc9Ls2LHMZeS2:/Gpirbm/PBh2LHMZe

Score

N/A

Malware Config

Signatures

Files

efff3402a8b34c9052b42203bc042df79a887114c011bb2123cc8cef82ed9592
.exe windows x86

874d4a65e81790fc26192e4d867f4ab0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
InterlockedDecrement
GetTickCount
SetLastError
VirtualAlloc
ExitProcess
LocalAlloc
GetProcAddress
WaitForSingleObject
WriteFile
HeapFree
QueryPerformanceCounter
GetProcAddress
GetACP
FormatMessageW
GetProcAddress
GetModuleHandleA
WriteFile
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapFree
GetCommandLineA
InterlockedDecrement
GetStartupInfoA
VirtualFree
GetCurrentProcess
LoadLibraryW
MultiByteToWideChar
WaitForSingleObject
lstrlenW
QueryPerformanceCounter
MultiByteToWideChar
GetSystemTimeAsFileTime
GetCommandLineW
LeaveCriticalSection
DeleteCriticalSection
LocalAlloc
MultiByteToWideChar
WideCharToMultiByte
GetACP
CloseHandle
GetModuleFileNameA
VirtualAlloc
FreeLibrary
TerminateProcess
TerminateProcess
GetProcessHeap
GetLastError
FormatMessageW
VirtualAlloc
Sleep
GetProcessHeap
lstrcmpiW
GetModuleHandleA
MultiByteToWideChar
GetCurrentThreadId
InitializeCriticalSection
HeapDestroy
InterlockedIncrement
GetProcessHeap
GetCurrentProcess
ReadFile
InterlockedIncrement
GetCurrentProcess
GetProcessHeap
HeapDestroy
FreeLibrary
CreateFileW
CreateThread
WriteFile
EnterCriticalSection
VirtualAlloc
HeapFree
GetCurrentProcessId
InterlockedDecrement
GetCurrentProcess
GetModuleHandleA
GetProcessHeap
EnterCriticalSection
LocalAlloc
LoadLibraryA
CloseHandle
HeapReAlloc
VirtualFree
ReadFile
GetTickCount
lstrlenW
ReadFile
GetACP
VirtualAlloc
GetModuleFileNameA
InterlockedIncrement
TerminateProcess
SetFilePointer
GetProcessHeap
SetEvent
lstrcmpiW

Sections

.text
Size: 109KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

874d4a65e81790fc26192e4d867f4ab0

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 109KB - Virtual size: 124KB

.idata Size: 2KB - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.data Size: 5KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 36B

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 109KB - Virtual size: 124KB

.idata
Size: 2KB - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.data
Size: 5KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 36B

.rsrc
Size: 1024B - Virtual size: 4KB