5f3e16c813eb3cab58390c4e27720f1bd3c3ad73599cd0f8a264e4089047b1cf

Sharing

Copy URL Twitter E-mail

General

Target

5f3e16c813eb3cab58390c4e27720f1bd3c3ad73599cd0f8a264e4089047b1cf
Size

5.2MB
MD5

df024666a200caacd556988f94236ad0
SHA1

2e94fed8c84e27785a5d68b12f4f07dd5ddfa62d
SHA256

5f3e16c813eb3cab58390c4e27720f1bd3c3ad73599cd0f8a264e4089047b1cf
SHA512

a930114da369dbe7f0db95fb34f5424fc95aee06bbdf4b73c67f45dda9e7d2b9c1e4f994467f9328134d9398fcc5716c9a4650296e375237694b1cd03690d59e
SSDEEP

98304:Hv++1cfN/BHYMQKvzfG2krENe7MS6UROTEN97TJIu+SjVULAGDYL6/XJBX:HGqclZHYMQKvzfDk42v/OTmFJIu+Spwz

Score

N/A

Malware Config

Signatures

Files

5f3e16c813eb3cab58390c4e27720f1bd3c3ad73599cd0f8a264e4089047b1cf
.exe windows x86

80e39e4a5aae5758f11c19884114f191

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
_lopen
_lcreat
lstrcpyA
GetProcAddress
_lclose
lstrlenA
GetWindowsDirectoryA
GlobalHandle
_lwrite
_llseek
FreeLibrary
WinExec
GlobalFree
_lread
GlobalUnlock
GetModuleFileNameA
SetErrorMode
GlobalLock
GetLastError
GetCurrentProcess
WriteFile
GetStdHandle
GetFileType
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
WideCharToMultiByte
GetEnvironmentStringsW
GlobalAlloc
DeleteFileA
FreeEnvironmentStringsA
GetEnvironmentStrings
RtlUnwind
VirtualAlloc
UnhandledExceptionFilter
HeapCreate
HeapDestroy
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
FreeEnvironmentStringsW
VirtualFree
GetFileAttributesA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion

user32

ExitWindowsEx
LoadCursorA
MessageBoxA
RegisterClassA
SetWindowPos
LoadIconA
UpdateWindow
ShowWindow
ReleaseDC
wsprintfA
PostQuitMessage
BeginPaint
EndPaint
DefWindowProcA
SendMessageA
InvalidateRect
GetClientRect
CreateWindowExA
GetDC

gdi32

DeleteObject
GetDeviceCaps
RealizePalette
GetStockObject
SelectObject
PatBlt
SelectPalette
CreatePalette
CreateSolidBrush

Exports

Exports

_MainWndProc@16
_StubFileWrite@12

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 937B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80e39e4a5aae5758f11c19884114f191

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 1024B - Virtual size: 937B

.data Size: 5KB - Virtual size: 5KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 924B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 1024B - Virtual size: 937B

.data
Size: 5KB - Virtual size: 5KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 924B

.reloc
Size: 2KB - Virtual size: 1KB