504905d21a675a4a9d0fbe9e6c7e3be4e036b7a1ca64ca317df2ffee114bf7de

General

Target

504905d21a675a4a9d0fbe9e6c7e3be4e036b7a1ca64ca317df2ffee114bf7de
Size

85KB
MD5

6cf5e3492890eada3b5199881c101780
SHA1

413375fb790b6430b09e5a3f772902fc827c6788
SHA256

504905d21a675a4a9d0fbe9e6c7e3be4e036b7a1ca64ca317df2ffee114bf7de
SHA512

f95202eeebc2812a04b5a57d02cc15c5d70407b3f9ad0df3efe6cb5eb276d33cec0cb0ed361fa86a2acaef4c64dc107d450399e64d8b31796e9f8dcf31a489e8
SSDEEP

1536:Hti74/fCto6dthasfy7iTIVZ/fY7u0jze8/fAa:NmkCto6nQsfy6IV9V0Pe8HJ

Score

N/A

Malware Config

Signatures

Files

504905d21a675a4a9d0fbe9e6c7e3be4e036b7a1ca64ca317df2ffee114bf7de
.exe windows x86

da30d9d08e33dc8a2563321777fd9047

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfoA
DragQueryFileA

kernel32

GetCurrentThreadId
GetCurrentProcess
WriteFile
GetFullPathNameA
GetLocalTime
CloseHandle
GetCommandLineA
WideCharToMultiByte
MulDiv
SetEvent
DeleteFileA
GetUserDefaultLCID
LockResource
SizeofResource
ExitThread
GetCurrentThread
SetLastError
GetOEMCP
GetDateFormatA
GlobalDeleteAtom
LoadLibraryA
LocalAlloc
GetStdHandle
GetModuleFileNameA
CreateThread
GetCPInfo
SetEndOfFile
GetStringTypeW
FreeResource
EnumCalendarInfoA
Sleep
GetEnvironmentStrings
GetFileAttributesA
ExitProcess
MoveFileExA
GetFileSize
CreateFileA
LoadResource
GlobalAlloc
InitializeCriticalSection
SetErrorMode
HeapAlloc
LocalFree
GetProcessHeap
FindClose
GetStringTypeA
GetProcAddress
VirtualFree
LocalReAlloc
VirtualAlloc
HeapFree
ReadFile
GetLastError
HeapDestroy

Sections

CODE
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 64KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 571B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da30d9d08e33dc8a2563321777fd9047

Headers

File Characteristics

Imports

shell32

kernel32

Sections

CODE Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 4KB

DATA Size: 64KB - Virtual size: 99KB

BSS Size: 3KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 571B

CODE
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 4KB

DATA
Size: 64KB - Virtual size: 99KB

BSS
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 571B