fc2eb43d0502e2f74f64951521dcac299bd8c9cb9807d1ba7a1883a807e43bc1

Sharing

Copy URL

Twitter E-mail

General

Target

fc2eb43d0502e2f74f64951521dcac299bd8c9cb9807d1ba7a1883a807e43bc1
Size

384KB
MD5

6ed9ee3a8e511ffbe7bf2e3f8c8c8d36
SHA1

cb511a0c49d5858e96793b78324d7d804d2d4fee
SHA256

fc2eb43d0502e2f74f64951521dcac299bd8c9cb9807d1ba7a1883a807e43bc1
SHA512

93ffcddee4c8687b06c02768e1efcf13b7f0fd9522c73c65627ab8c88216160872e23de577d58de6b8df0cec234b6b61c2ffebd84ef562d596ce487ebded94f5
SSDEEP

6144:Z5QioRT/ryfr1tR8PFgHu3WIvi0hGz0plscPC2fTOShhne:ZmioxO8cuGIJGg3jCGTO5

Score

N/A

Malware Config

Signatures

Files

fc2eb43d0502e2f74f64951521dcac299bd8c9cb9807d1ba7a1883a807e43bc1
.exe windows x86

5b15306aa17de08482aed80becc00a56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CreateThread
FreeLibrary
LocalFree
LocalAlloc
GetSystemTimeAsFileTime
InterlockedExchange
GetCurrentProcessId
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
RaiseException
SizeofResource
LockResource
LoadResource
FindResourceW
MultiByteToWideChar
GlobalFree
ReleaseMutex
GetWindowsDirectoryW
LoadLibraryA
lstrlenA
GetStringTypeA
LCMapStringW
LCMapStringA
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
WriteFile
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetStringTypeW
GetEnvironmentVariableA
GetFileType
CloseHandle
TerminateThread
CreateProcessA
GetCurrentThreadId
CreateEventA
SetEvent
ResetEvent
WaitForSingleObject
GetTickCount
CreateSemaphoreA
VirtualProtect
WideCharToMultiByte
GetCommandLineA
GetStdHandle
SetHandleCount
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW

user32

SendMessageW
PostMessageW
SetWindowLongW
GetDlgItem
GetWindowLongW
SetCursor
LoadCursorW
SetWindowTextW
MessageBoxW
ShowWindow
UnregisterClassA
wsprintfW
MsgWaitForMultipleObjects
PostThreadMessageA
PostQuitMessage
PeekMessageA
DispatchMessageA
GetParent

advapi32

LsaOpenPolicy
LsaRetrievePrivateData
LsaClose
LsaNtStatusToWinError
RegEnumValueA
RegQueryValueExA
RegDeleteValueA
RegQueryInfoKeyA
RegOpenKeyA
RegCloseKey
RegEnumKeyA
LsaFreeMemory

rpcrt4

NdrClientCall2

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b15306aa17de08482aed80becc00a56

Headers

File Characteristics

Imports

kernel32

user32

advapi32

rpcrt4

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 316KB - Virtual size: 315KB

.data Size: 12KB - Virtual size: 323KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 316KB - Virtual size: 315KB

.data
Size: 12KB - Virtual size: 323KB

.rsrc
Size: 4KB - Virtual size: 1KB