8b4d867c9c758adf8c0b2bc1ebc2c0d7b00b10b7a7220439455d8e0fd514e0a6

Sharing

Copy URL Twitter E-mail

General

Target

8b4d867c9c758adf8c0b2bc1ebc2c0d7b00b10b7a7220439455d8e0fd514e0a6
Size

517KB
MD5

617f997a2548cbcc5bc34763a2450536
SHA1

3ac6357942eeef72551aa82a57911db445dfd29f
SHA256

8b4d867c9c758adf8c0b2bc1ebc2c0d7b00b10b7a7220439455d8e0fd514e0a6
SHA512

1330f9a47f9edb9b2b60e0c796ea7d1ab4f7b17b60c4b02be719be7314e3a24ae026fafe2b3a24eccb2a769b6e473de4379f3f95b5f5b6bf6c1c42fb25e9959b
SSDEEP

12288:j2JLM+iF1wvZsZ5I2nwRpdQ+Icf8cx5YSWiI:jNj1k0ZoUcx5ci

Score

N/A

Malware Config

Signatures

Files

8b4d867c9c758adf8c0b2bc1ebc2c0d7b00b10b7a7220439455d8e0fd514e0a6
.exe windows x86

b6dab1047c3982d20bb69e12432d6bb8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

GopherGetLocatorTypeA

kernel32

CompareStringA
LeaveCriticalSection
CompareStringW
GetThreadLocale
GetModuleFileNameA
HeapFree
InterlockedExchange
GetModuleFileNameW
GetCommandLineA
GlobalFindAtomA
GetEnvironmentStringsW
GetOEMCP
HeapDestroy
QueryPerformanceCounter
GetStdHandle
LoadLibraryA
Sleep
SetEnvironmentVariableA
SetFilePointer
MultiByteToWideChar
GetConsoleCP
ReadFile
FindFirstFileExA
TlsGetValue
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
SetThreadContext
FreeEnvironmentStringsA
GetProcAddress
EnumTimeFormatsA
SetStdHandle
RtlUnwind
SetConsoleCtrlHandler
GetEnvironmentStrings
LoadLibraryExW
HeapSize
SetCurrentDirectoryW
IsDebuggerPresent
GetCurrentThread
EnterCriticalSection
GetPrivateProfileIntA
IsValidLocale
GetSystemTimeAsFileTime
TerminateProcess
FreeLibrary
GetVersionExA
GetModuleHandleA
CreateFileA
FileTimeToSystemTime
GetLastError
GetStartupInfoW
VirtualFree
HeapReAlloc
GetCommandLineW
TlsFree
EnumSystemLocalesA
GetDateFormatA
GetACP
GetFileType
ExitProcess
LCMapStringA
GetTempPathA
SetUnhandledExceptionFilter
IsValidCodePage
InterlockedDecrement
TlsAlloc
ContinueDebugEvent
GetConsoleOutputCP
GetStartupInfoA
GetLocaleInfoA
DeleteCriticalSection
GetProcessHeap
GetLocaleInfoW
GetUserDefaultLCID
SetLastError
GetTickCount
VirtualAlloc
FreeEnvironmentStringsW
EnumResourceTypesA
GetPrivateProfileStringA
GetPrivateProfileSectionW
OpenMutexA
FreeLibraryAndExitThread
TlsSetValue
OpenSemaphoreW
GetTimeFormatA
SetHandleCount
CreateMutexA
GetCPInfo
LCMapStringW
HeapCreate
GetCurrentThreadId
GetCurrentProcess
GetConsoleMode
FlushFileBuffers
WriteConsoleA
InitializeCriticalSection
GetFullPathNameW
UnhandledExceptionFilter
GetCurrentProcessId
CloseHandle
InterlockedIncrement
WriteFile
WriteConsoleW
SetEndOfFile
GetStringTypeW
HeapAlloc
VirtualQuery
GetStringTypeA
WideCharToMultiByte

user32

RegisterClassA
RegisterClassExA
SetMenuItemInfoW

comctl32

InitCommonControlsEx

Sections

.text
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 356KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6dab1047c3982d20bb69e12432d6bb8

Headers

File Characteristics

Imports

wininet

kernel32

user32

comctl32

Sections

.text Size: 143KB - Virtual size: 143KB

.rdata Size: 9KB - Virtual size: 28KB

.data Size: 356KB - Virtual size: 356KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 143KB - Virtual size: 143KB

.rdata
Size: 9KB - Virtual size: 28KB

.data
Size: 356KB - Virtual size: 356KB

.rsrc
Size: 7KB - Virtual size: 6KB