250788f6d5e347e5fd7a4c356f3842e68990b4328e1c7600d336d2e5d975bfab

Sharing

Copy URL Twitter E-mail

General

Target

250788f6d5e347e5fd7a4c356f3842e68990b4328e1c7600d336d2e5d975bfab
Size

58KB
MD5

66cc128d41725d3d5758b8a1f44fe330
SHA1

1cbfeee171980df3049eb3c66bbcd81bef5409dd
SHA256

250788f6d5e347e5fd7a4c356f3842e68990b4328e1c7600d336d2e5d975bfab
SHA512

22e028e49d8cf9f0a361a9b69de8d848ca69da992c9d15a74941ffea84b3fd258da21d90a36f1fa914d5839cbdb0a43b9e0bbadb01443ab68e8ce5a8ddaa771d
SSDEEP

1536:IITUEOdK18ihLc5oBN3IL3PTOHzQH7b5G1eG6ivKip0uE:vTUv6MYN3ImHzQH7b5YeG6ivKWa

Score

N/A

Malware Config

Signatures

Files

250788f6d5e347e5fd7a4c356f3842e68990b4328e1c7600d336d2e5d975bfab
.exe windows x86

f5f172d1d9683f90973de1d623804fe5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetConsoleCtrlHandler
Sleep
SetConsoleCursorPosition
ReadConsoleInputW
PeekConsoleInputW
GetConsoleScreenBufferInfo
FlushConsoleInputBuffer
GetNumberOfConsoleInputEvents
SetConsoleMode
GetConsoleMode
GetStdHandle
SetLastError
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
GetModuleFileNameW
GetConsoleOutputCP
GetSystemDirectoryW
LoadLibraryW
FreeLibrary
HeapReAlloc
HeapFree
WriteConsoleW
HeapSize
HeapAlloc
GetProcessHeap
HeapValidate
WideCharToMultiByte
CompareStringA
GetThreadLocale
CompareStringW
lstrlenW
GetFileType
VerifyVersionInfoW
FormatMessageW
LocalFree
GetLastError

user32

CharUpperW
LoadStringW

ws2_32

WSACleanup

shlwapi

StrChrIW
StrStrW
StrStrIW
StrChrW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

msvcrt

_adjust_fdiv
__setusermatherr
fprintf
fflush
wcstod
_initterm
_except_handler3
_fileno
wcstol
_errno
_iob
time
_vsnwprintf
_controlfp
__set_app_type
__p__fmode
__wgetmainargs
__winitenv
exit
_cexit
_XcptFilter
_get_osfhandle
__p__commode
_exit
_c_exit
wcstoul

ntdll

VerSetConditionMask

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

naemngk
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f5f172d1d9683f90973de1d623804fe5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ws2_32

shlwapi

version

msvcrt

ntdll

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 512B - Virtual size: 384B

.rsrc Size: 37KB - Virtual size: 38KB

naemngk Size: - Virtual size: 4KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 512B - Virtual size: 384B

.rsrc
Size: 37KB - Virtual size: 38KB

naemngk
Size: - Virtual size: 4KB