a8e4bdecb43d575818ee82cfe7782ff78b42eb2aeb02e8441f4eaa333be5032e

Sharing

Copy URL Twitter E-mail

General

Target

a8e4bdecb43d575818ee82cfe7782ff78b42eb2aeb02e8441f4eaa333be5032e
Size

821KB
MD5

673fa04cb2f9f0a6700098210bdc0ee0
SHA1

f9a5d81e1170c3830244b0d0b59f5f2062728eb4
SHA256

a8e4bdecb43d575818ee82cfe7782ff78b42eb2aeb02e8441f4eaa333be5032e
SHA512

90a07e6b4f2d8ac7ddfebdd26b66ff01ce7a538c24e27ab83b5e7acd85468e2f0fb3109c7f629806fa1875007e2fb2af802990c7ba977e5bc2715cc6f00b3f02
SSDEEP

12288:H/BE2p1idNGKq5dG8A3kKHi/0ESGqF2VKr9groFD+:HXpAdNGK8dG8A3kKHicES1FF+oZ+

Score

N/A

Malware Config

Signatures

Files

a8e4bdecb43d575818ee82cfe7782ff78b42eb2aeb02e8441f4eaa333be5032e
.exe windows x86

176939437f5e44ae660bd0a477630df5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessTimes
GetCurrentProcess
GetThreadTimes
GetCurrentThread
GlobalMemoryStatus
QueryPerformanceCounter
GetTickCount
FindClose
FindNextFileA
FindFirstFileA
GetWindowsDirectoryA
CloseHandle
CreateFileMappingA
GetCurrentThreadId
GetVersionExA
SleepEx
LocalFree
FormatMessageA
SetCurrentDirectoryA
GetSystemTime
GetFileTime
GetFileSize
CreateFileA
ReadFile
WriteFile
SetFileTime
GetFileAttributesA
CreateDirectoryA
Sleep
GetEnvironmentVariableA
GetCurrentProcessId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
GetSystemTimeAsFileTime
GetSystemTimeAdjustment
WaitForMultipleObjects
ResetEvent
MapViewOfFile
SetEvent
UnmapViewOfFile
GetHandleInformation
GetCurrentDirectoryA
GetLastError

user32

DestroyWindow
PostQuitMessage
DispatchMessageA
IsDialogMessageA
GetWindowLongA
GetMessageA
SetWindowLongA
CreateDialogParamA
RegisterClassA
LoadCursorA
PostMessageA
MessageBoxA
SendMessageA
FindWindowA
GetForegroundWindow
GetCapture
GetClipboardOwner
GetQueueStatus
GetCursorPos
DefDlgProcA

advapi32

GetUserNameA
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyA
RegCloseKey

msvcr80

fputc
_controlfp_s
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_except_handler4_common
_crt_debugger_hook
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
strncpy
memcpy
memset
__setusermatherr
fgetc
fopen
strchr
exit
strstr
_atoi64
??3@YAXPAX@Z
malloc
realloc
free
_vsnprintf
printf
qsort
sprintf
memmove
strcspn
sscanf
strspn
fputs
__iob_func
fwrite
fgets
fflush
fprintf
strrchr
vfprintf
strtok
strncat
atoi
strtoul
memchr
abort
fclose
fread
ungetc
remove
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
_acmdln
_initterm
_initterm_e
_configthreadlocale

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 596KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

176939437f5e44ae660bd0a477630df5

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcr80

Sections

.text Size: 168KB - Virtual size: 166KB

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 4KB - Virtual size: 14KB

.rsrc Size: 596KB - Virtual size: 596KB

.text
Size: 168KB - Virtual size: 166KB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 4KB - Virtual size: 14KB

.rsrc
Size: 596KB - Virtual size: 596KB