41a9a8532328cab641be3eb6b510a85f3a4a28ca6b1a3ebd6f98320742a7cee0

General

Target

41a9a8532328cab641be3eb6b510a85f3a4a28ca6b1a3ebd6f98320742a7cee0
Size

138KB
MD5

67f76ef5be8f897cdd53ff3a479fce50
SHA1

908142ca0e9a672e2c0cbe2d27f642487a7ea63f
SHA256

41a9a8532328cab641be3eb6b510a85f3a4a28ca6b1a3ebd6f98320742a7cee0
SHA512

ec5866cd431ef2bbb43c3b17ba1173dff01195dd9142118d906132706518ba077091db9912af781549a0c6d7d77876fc0ae6f02e5174edc129687c8c08fadc00
SSDEEP

3072:CY69xtS4QhUcU92VdDeVDMIMrDOiHapiTcOyU47kWLH1FADBpz8cpsTVvRcVBCqY:CY69x/B99QMDUXHNSiBpLsVZ8BC

Score

N/A

Malware Config

Signatures

Files

41a9a8532328cab641be3eb6b510a85f3a4a28ca6b1a3ebd6f98320742a7cee0
.exe windows x86

fc3c3bcdb8733feb8fd1313662ed687d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
FreeLibrary
Sleep
DeleteCriticalSection
VirtualFree
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
GetLastError
ResetEvent
SetEvent
InterlockedExchange
CancelIo
GetLocalTime
CloseHandle
GetCurrentProcessId
lstrcmpA
GetPrivateProfileStringA
lstrcatA
CreateDirectoryA
lstrcpyA
lstrlenA
GetDiskFreeSpaceExA
FindClose
LocalFree
LocalReAlloc
LocalAlloc
DeleteFileA
GetFileSize
SetFilePointer
MoveFileA
CreateProcessA
CreateThread
InitializeCriticalSection
MultiByteToWideChar
lstrcmpiA
MapViewOfFile
HeapFree
CreateFileMappingA
UnmapViewOfFile
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GetStartupInfoA
WaitForMultipleObjects
LocalSize
TerminateProcess
OpenProcess
GetCurrentProcess
GetSystemInfo
GetComputerNameA
InterlockedDecrement
WriteFile
SetErrorMode
WideCharToMultiByte
RaiseException

msvcrt

puts
__CxxFrameHandler
_CxxThrowException
memmove
ceil
_ftol
strstr
rand
sprintf
strncpy
strchr
malloc
free
_except_handler3
atoi
strrchr
strncmp
_errno
wcscpy
_beginthreadex
system
calloc
??1type_info@@UAE@XZ
__dllonexit
_onexit
??3@YAXPAX@Z
putchar
??2@YAPAXI@Z
_strrev
_strnicmp
_strcmpi
??0exception@@QAE@ABV0@@Z
strlen
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
memcpy
wcslen

Exports

Exports

heiyuxhj
heiyxhj

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc3c3bcdb8733feb8fd1313662ed687d

Headers

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 129KB - Virtual size: 129KB

.CRT Size: 512B - Virtual size: 40B

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 129KB - Virtual size: 129KB

.CRT
Size: 512B - Virtual size: 40B

.rsrc
Size: 7KB - Virtual size: 7KB