1dc4c620f327715c73c198241099e0820b953bb84617085437f627e3ce256bf5

General

Target

1dc4c620f327715c73c198241099e0820b953bb84617085437f627e3ce256bf5
Size

914KB
MD5

40a4311cb0bb0098ce446ee68e8aaf20
SHA1

a91214c297fa6d959d299a02a3774cbd7a99cb5c
SHA256

1dc4c620f327715c73c198241099e0820b953bb84617085437f627e3ce256bf5
SHA512

95f58fa1bd61e9d6667844f7a8d126372d2a18ebf050af7ab9610612364dbcabddb500f76af3e14041bc2bcb53c67c9f323dbea8f0311808b5bbc4b25e853948
SSDEEP

24576:ivh5ntMu7+Gss8NOkyAy7SgIpy7drPw54je:iqui7sVkyRSZpy7dhe

Score

N/A

Malware Config

Signatures

Files

1dc4c620f327715c73c198241099e0820b953bb84617085437f627e3ce256bf5
.exe windows x86

f46f475fafbf5381e7640986237235c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AssignProcessToJobObject
CreateDirectoryA
GetStringTypeExA
GetSystemTimeAsFileTime
CreateFileMappingA
VirtualProtectEx
GetVersion
LocalAlloc
GetCurrentThreadId
GetCurrentProcessId
GetTickCount
FlushFileBuffers
QueryPerformanceCounter

msvcrt

rewind
_fstat
wcsrchr
vsprintf
puts
strlen
rand
pow
tan
_snprintf
__setusermatherr
fsetpos
rename
_setjmp3
strrchr
_exit
atoi
cos

user32

GetScrollRange
GetSysColor
CloseClipboard
TrackPopupMenu

oleaut32

SysFreeString
VariantCopy
SetErrorInfo
GetActiveObject
GetErrorInfo

ole32

CoCreateGuid
CoReleaseMarshalData
CoDisconnectObject
CoCreateInstance
CoLoadLibrary
CoTaskMemRealloc
CreateBindCtx

advapi32

InitiateSystemShutdownA
AddAccessAllowedAce
RegCreateKeyExA
RegQueryInfoKeyA
CryptReleaseContext

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 775KB - Virtual size: 856KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f46f475fafbf5381e7640986237235c0

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

oleaut32

ole32

advapi32

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 100KB - Virtual size: 99KB

.data Size: 775KB - Virtual size: 856KB

.rsrc Size: 29KB - Virtual size: 29KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 100KB - Virtual size: 99KB

.data
Size: 775KB - Virtual size: 856KB

.rsrc
Size: 29KB - Virtual size: 29KB

.reloc
Size: 1KB - Virtual size: 1KB