02115024b965eba4c4d691ff8cbbd553af5abb3f3ab65059b1666396bdc0645c

Sharing

Copy URL Twitter E-mail

General

Target

02115024b965eba4c4d691ff8cbbd553af5abb3f3ab65059b1666396bdc0645c
Size

256KB
MD5

6c4033035b8c77f76da8117670efb0e1
SHA1

8394ded091e19e99d242da7c0a2ae7d6936697fe
SHA256

02115024b965eba4c4d691ff8cbbd553af5abb3f3ab65059b1666396bdc0645c
SHA512

870cdae9e1cfe18d6e783cbb0487ff8fc8cd3ade0d2e95c683ba3b10f1226e334b7893a657c1f95e721cd436eec387b8b90f4bf568d3d650c5886f1e1b1dd9d5
SSDEEP

3072:iHvPlh+Ta/JmUTSpxD717QoHGPssoeyUCCEed/oyo17W+wodSy:inD5Rmzh7Q4GYX7e59P+7

Score

N/A

Malware Config

Signatures

Files

02115024b965eba4c4d691ff8cbbd553af5abb3f3ab65059b1666396bdc0645c
.exe windows x86

d4465f0f0cfc7ec4f4af19c705bd955a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
LoadLibraryA
GetSystemDirectoryA
GetWindowsDirectoryA
CloseHandle
Sleep
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
GetFileSize
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetModuleHandleA
TerminateProcess
GetCurrentProcess
RtlUnwind
GetCommandLineA
GetVersionExA
RaiseException
HeapFree
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsAlloc
SetLastError
GetCurrentThreadId
GetLastError
TlsFree
TlsSetValue
TlsGetValue
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
HeapReAlloc
IsBadWritePtr
InterlockedExchange
VirtualQuery
InitializeCriticalSection
FlushFileBuffers
GetStringTypeA
GetLocaleInfoA
GetACP
GetOEMCP
LCMapStringA
HeapSize
IsBadReadPtr
IsBadCodePtr
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetStdHandle
VirtualProtect
GetSystemInfo
CompareStringA
FreeLibrary

user32

MessageBoxA
TranslateMessage

Exports

Exports

_CompressFile@24
_CompressFileW@24
_ConvertFile@24
_ConvertFileW@24
_DecompressFile@20
_DecompressFileW@20
_FillWaveFormatEx@16
_FillWaveHeader@16
_VerifyFileW@20

Sections

.text
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

gkkbv
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 88KB - Virtual size: 86KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d4465f0f0cfc7ec4f4af19c705bd955a

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 121KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 928B

gkkbv Size: 8KB - Virtual size: 4KB

Size: 88KB - Virtual size: 86KB

.text
Size: 124KB - Virtual size: 121KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 928B

gkkbv
Size: 8KB - Virtual size: 4KB