79176070caed90a3b20d5982e3580d7a2a27daab3b6f652fb33737f5a33d9e67

General

Target

79176070caed90a3b20d5982e3580d7a2a27daab3b6f652fb33737f5a33d9e67
Size

113KB
MD5

d487e491dbde741db1762607af43067d
SHA1

52dcdf63bc84e9bafec804ab37895a931d2c3f19
SHA256

79176070caed90a3b20d5982e3580d7a2a27daab3b6f652fb33737f5a33d9e67
SHA512

7bbbf484199402e6dded84790999a920786ad9dfa1fa2dfd074af143ff7f286a4c747b24787ab7b4de4ebb1361ee9cab19bbb440852c5dfc09ec3162e6da06ce
SSDEEP

1536:t7RyCvJ0VymyNKfGQ3iM5Fcn8d86VLIaQn4dsOjjkoT+RN0vONk9yYaL6pcK+roT:t7tpQOWck8IRdtjANkcFwct2b

Score

N/A

Malware Config

Signatures

Files

79176070caed90a3b20d5982e3580d7a2a27daab3b6f652fb33737f5a33d9e67
.exe windows x86

85d45eb5ab38167e1ee1fa4b55f420a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

memset
memcmp
memcpy
_strcmpi
_strlwr

msvcrt

vsprintf
strlen
wcscpy
wcscat
free
strstr
malloc
??3@YAXPAX@Z
??2@YAPAXI@Z
strcpy

kernel32

GetProcessHeap
HeapFree
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
WriteFile
SetFileTime
GetCurrentProcess
DuplicateHandle
CreateFileW
CreateFileA
GetModuleHandleA
FindResourceA
LoadResource
LockResource
SizeofResource
GetCurrentDirectoryA
CreateDirectoryW
CreateDirectoryA
GetLastError
lstrcpyA
lstrlenA
LocalFileTimeToFileTime
lstrcmpA
ReadFile
SetFilePointer
GlobalFree
GlobalAlloc
SystemTimeToFileTime
GetWindowsDirectoryA
MultiByteToWideChar
lstrcmpiA
FreeLibrary
VirtualFree
IsBadReadPtr
LoadLibraryA
EnumTimeFormatsA
CloseHandle
GetLocalTime
SetThreadAffinityMask
ExitProcess
GetVersionExA
GetModuleFileNameA
GetProcAddress
VirtualAlloc
VirtualProtect
HeapAlloc

user32

PeekMessageA
SetWindowTextA
CloseWindow
DialogBoxParamA
ShowWindow
SendMessageA

gdi32

CreateBitmap

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85d45eb5ab38167e1ee1fa4b55f420a5

Headers

File Characteristics

Imports

ntdll

msvcrt

kernel32

user32

gdi32

Sections

.text Size: 27KB - Virtual size: 27KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 76KB - Virtual size: 76KB

.rsrc Size: 512B - Virtual size: 372B

.text
Size: 27KB - Virtual size: 27KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 76KB - Virtual size: 76KB

.rsrc
Size: 512B - Virtual size: 372B