e537edc0afbcc32a455662dd9ebbe659270b6bccd8a6e932d7658020bb7b250f

Sharing

Copy URL Twitter E-mail

General

Target

e537edc0afbcc32a455662dd9ebbe659270b6bccd8a6e932d7658020bb7b250f
Size

640KB
MD5

66f4e575ba43398b26ce3b5062189030
SHA1

f3577773823a89e2b860be802fece1ddf787e5e1
SHA256

e537edc0afbcc32a455662dd9ebbe659270b6bccd8a6e932d7658020bb7b250f
SHA512

568435698ca309afc3f025b8a021cb1c0328c0b2ca7dcb20f5497735a4efaedb6246a318b6fe4b16a54200512b990bec997ee013f8094f114212bf8242f71245
SSDEEP

12288:/TTTTTWXfrVFXNERLh63x16fy0FYkaTaNhRf7R7CfZnzntZ//:/TTTTTOrVVqR1Ux1QyOCmVl7CFt

Score

N/A

Malware Config

Signatures

Files

e537edc0afbcc32a455662dd9ebbe659270b6bccd8a6e932d7658020bb7b250f
.exe windows x86

596da7dec27c713ab3ae1b437b980564

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

memcpy
sin
RtlUnwind

kernel32

InterlockedCompareExchange
AddVectoredExceptionHandler
GetExitCodeProcess
CreateWaitableTimerW
GetCurrentThread
RemoveVectoredExceptionHandler
GetProcessHeap
GlobalLock
WideCharToMultiByte
GetProcAddress
SetFilePointer
GetShortPathNameA
LocalFree
GetStringTypeW
lstrlenA
lstrcpynA
GetPrivateProfileStringA
ExitProcess
WritePrivateProfileStringA
GetSystemDirectoryA
SetUnhandledExceptionFilter
lstrcmpiA
UnmapViewOfFile
UnhandledExceptionFilter
HeapAlloc
SizeofResource
FlushFileBuffers
LocalAlloc
HeapFree
CreateFileMappingA
FindResourceA
LoadLibraryA
FreeEnvironmentStringsA
GlobalFree
GetFileSize
CompareStringA
GlobalUnlock
FindFirstFileA
IsBadReadPtr
GetEnvironmentStrings
IsBadCodePtr
LCMapStringW
TerminateProcess
GetCurrentProcess
GetModuleFileNameA
LoadResource
LCMapStringA
GetModuleHandleA
GetStdHandle
GetLastError
MoveFileExA
GetEnvironmentStringsW
CloseHandle
GetTempPathA
GetStringTypeA
GetFileAttributesA
FindClose
FreeEnvironmentStringsW
SetHandleCount
MapViewOfFile
LockResource
GetDiskFreeSpaceA
GetWindowsDirectoryA
lstrcpyA
lstrcatA
SetEnvironmentVariableA
GetOEMCP
GlobalAlloc
CreateFileA
GetTimeZoneInformation
GetLocaleInfoW
CompareStringW
GetFileType
GetACP
VirtualQuery
GetCommandLineA
GetVersionExA
GetStartupInfoA
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
WriteFile
DeleteCriticalSection
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThreadId
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FatalAppExitA
GetCPInfo
MultiByteToWideChar
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryExA
InitializeCriticalSection
Sleep
VirtualAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
VirtualProtect
GetSystemInfo

shell32

SHGetPathFromIDListA
ShellExecuteA

advapi32

RegQueryValueExA
RegOpenKeyExA

Sections

.text
Size: 156KB - Virtual size: 371KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 424KB - Virtual size: 423KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

596da7dec27c713ab3ae1b437b980564

Headers

File Characteristics

Imports

ntdll

kernel32

shell32

advapi32

Sections

.text Size: 156KB - Virtual size: 371KB

.rdata Size: 424KB - Virtual size: 423KB

.rsrc Size: 56KB - Virtual size: 52KB

.text
Size: 156KB - Virtual size: 371KB

.rdata
Size: 424KB - Virtual size: 423KB

.rsrc
Size: 56KB - Virtual size: 52KB