af3b9fced962e251145c9704758b8dddf59654cdf02b364ea150a4a22c1da9d9

General

Target

af3b9fced962e251145c9704758b8dddf59654cdf02b364ea150a4a22c1da9d9
Size

216KB
MD5

419cc37b122acd92bd2fd5a99d49a8df
SHA1

85904cd4837b762e1fc418539298de36ef058418
SHA256

af3b9fced962e251145c9704758b8dddf59654cdf02b364ea150a4a22c1da9d9
SHA512

ac5b6f28e4ad5a25d78366c360eda9ccc36b1bb3760a6d9b4229d9235f0e463d729fb6d1c7b7c8e85e892dcd73b39e258f8b34876b69d47d99734427447b8a00
SSDEEP

3072:jANqChqTMrLW0xQ9ABJ7+vz3Paky8/6nn5ntwNFk3t0ss85n0/o2Sgk1H0GbRgLt:/jTd80ABJSPHyu6n5nyss8h0/OwNud

Score

N/A

Malware Config

Signatures

Files

af3b9fced962e251145c9704758b8dddf59654cdf02b364ea150a4a22c1da9d9
.exe windows x86

fcd987b94f741c69792d18c80f991606

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SystemParametersInfoA
InvertRect
FindWindowExA
SetRect
IsZoomed
SetParent
DdeConnect
SetCursor
TranslateAcceleratorW
PostQuitMessage
LoadImageA
GetKeyboardState
AppendMenuW
ActivateKeyboardLayout
CharLowerBuffW
TabbedTextOutW
GetMessageA
CopyImage
LoadIconW
LoadStringA
DrawTextW
DefWindowProcW
DdeDisconnect
SetCaretPos
TrackPopupMenu
RegisterClipboardFormatW
CharPrevA
CreateMenu
IsRectEmpty

kernel32

WaitForMultipleObjectsEx
LoadLibraryExA
LockResource
SetEnvironmentVariableW
HeapSize
GlobalMemoryStatus
GetLocaleInfoW
FileTimeToLocalFileTime
RemoveDirectoryA
GetVolumeInformationA
IsDebuggerPresent
GlobalGetAtomNameA
TlsGetValue
LocalReAlloc
lstrcmpW
GetLogicalDriveStringsA
GetTempFileNameA
SetFileAttributesA
ExpandEnvironmentStringsW
TerminateProcess
CreateNamedPipeA
ExitProcess
VirtualAlloc
lstrlenA
GetCommandLineA
InterlockedCompareExchange
GetCommandLineW
DeleteFileW
GetPriorityClass
CreateMutexW
SetCurrentDirectoryA
HeapDestroy
MultiByteToWideChar
FindResourceExW
SwitchToThread
FindResourceExA
CreateFileA
GlobalAddAtomW
GetStartupInfoW
GetNumberFormatW
CreateDirectoryA
MapViewOfFileEx
ResetEvent
_llseek
GetSystemTime
MoveFileExA
MapViewOfFile
EnumCalendarInfoA
GetConsoleCP
Process32FirstW
ResumeThread
SetFilePointerEx

advapi32

OpenProcessToken
BuildExplicitAccessWithNameW
IsValidSid
RegQueryInfoKeyW
AccessCheck
RegCreateKeyA
RegSetKeySecurity

msvcrt

wcsspn
exit
wcschr
_cexit
_wtoi
_itow
towlower
_splitpath
strchr
_controlfp
_expand
_wtoi64
_stricmp
_wtol
wcslen

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 196KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fcd987b94f741c69792d18c80f991606

Headers

File Characteristics

Imports

user32

kernel32

advapi32

msvcrt

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 196KB - Virtual size: 194KB

.data Size: 8KB - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 196KB - Virtual size: 194KB

.data
Size: 8KB - Virtual size: 4KB