5abcecd52cb1b8022537e075dcfeb68b7439243073217d38024cf3570ea94689

Sharing

Copy URL Twitter E-mail

General

Target

5abcecd52cb1b8022537e075dcfeb68b7439243073217d38024cf3570ea94689
Size

246KB
MD5

537ca76ff4c67416b6fbc4e5d7eb7844
SHA1

7d7d215c9ae0584daa7eaafb9ebd6b4a788cd595
SHA256

5abcecd52cb1b8022537e075dcfeb68b7439243073217d38024cf3570ea94689
SHA512

1fb3a1e981aa9874e51a2659e5e98ae265dd2ecea89f2b2a87724aae0238304b8ffe71d873b3084489bff514b69bee52a0b08e8b8dd3f9a15459d41e0c92534b
SSDEEP

3072:+Sy1x8hKhqdgh9QiMdnDOjuQwJfgxDmNN8EbbP:rW8w+gTQndnDD2mNNJ

Score

N/A

Malware Config

Signatures

Files

5abcecd52cb1b8022537e075dcfeb68b7439243073217d38024cf3570ea94689
.exe windows x86

7dfe945b0e926a3f5093cf93f681f259

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
IsProcessorFeaturePresent
GetFileAttributesW
CreateProcessW
IsValidCodePage
GetOEMCP
GetCPInfo
GetStringTypeW
HeapCreate
GetStartupInfoW
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
GetModuleFileNameW
GetModuleHandleW
LeaveCriticalSection
HeapAlloc
DecodePointer
EncodePointer
HeapSetInformation
GetCommandLineW
TlsFree
TlsGetValue
TlsSetValue
GetStdHandle
UnhandledExceptionFilter
ExitProcess
GetLocaleInfoA
GetStartupInfoA
GetThreadLocale
MultiByteToWideChar
GetConsoleMode
InterlockedIncrement
InterlockedDecrement
GetVersion
LocalAlloc
VirtualAlloc
VirtualFree
EnterCriticalSection
DeleteCriticalSection
RaiseException
Sleep
InterlockedCompareExchange
RtlUnwind
GetExitCodeProcess
QueryPerformanceCounter
QueryPerformanceFrequency
LocalFree
WaitForSingleObject
CloseHandle
GetModuleHandleA
CreateProcessA
GetCommandLineA
GetExitCodeThread
FreeLibrary
SetLastError
lstrlenA
WriteFile
GetLastError
GetCurrentThread
HeapFree
GetProcessHeap
DisableThreadLibraryCalls
FlushFileBuffers
WriteConsoleW
SetStdHandle
CompareStringW
SetEnvironmentVariableW
CreateFileW
WideCharToMultiByte
RemoveDirectoryA

user32

GetKeyboardType

advapi32

LookupAccountNameA
RegCloseKey
RegQueryValueExA
RegEnumKeyA
LogonUserW
GetSidSubAuthorityCount
RegOpenKeyExA

oleaut32

SysFreeString
SysAllocStringLen

msvcrt

isprint
sscanf
toupper
wcscpy
fwrite
free
sprintf
strchr
strncmp
fopen
memset
malloc

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7dfe945b0e926a3f5093cf93f681f259

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

msvcrt

Sections

.text Size: 32KB - Virtual size: 29KB

.idata Size: 4KB - Virtual size: 3KB

.rdata Size: 56KB - Virtual size: 53KB

.data Size: 76KB - Virtual size: 2.6MB

.rsrc Size: 72KB - Virtual size: 71KB

.text
Size: 32KB - Virtual size: 29KB

.idata
Size: 4KB - Virtual size: 3KB

.rdata
Size: 56KB - Virtual size: 53KB

.data
Size: 76KB - Virtual size: 2.6MB

.rsrc
Size: 72KB - Virtual size: 71KB