8846d359af900a2abac119402e58978b8164e83c9945574a07d939b979231c60

Sharing

Copy URL Twitter E-mail

General

Target

8846d359af900a2abac119402e58978b8164e83c9945574a07d939b979231c60
Size

640KB
MD5

059151566a739a676c1a83cab45b8350
SHA1

52533e7b496d6f08056190ce80be84b8b53b93d7
SHA256

8846d359af900a2abac119402e58978b8164e83c9945574a07d939b979231c60
SHA512

89e7cc82595fe7d355b24920da3288e878041b2aab89570b119f8d943dbf5d85d58fbf25e18d2b0b54badbca69ab6e2a7d970bf6670d935960d255875858e96e
SSDEEP

3072:OXKRb9MUHUvTr/gwDxtol4Ukiz3VB+5OluTyubHe2/x3e0Z7a1YTUp3f8o:6SbnQv/9fU4MzD+EluPzXOcVcL

Score

N/A

Malware Config

Signatures

Files

8846d359af900a2abac119402e58978b8164e83c9945574a07d939b979231c60
.exe windows x86

024f559b55363b0a0ca3afd4196d171e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GdiConsoleTextOut
OffsetWindowOrgEx
BeginPath

kernel32

DeleteVolumeMountPointW
ExitProcess
ExpandEnvironmentStringsW
FindClose
FindNextFileW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
GlobalMemoryStatus
InterlockedExchange
MoveFileExW
MultiByteToWideChar
QueryPerformanceCounter
lstrlenW
VirtualAlloc
GetProcAddress
GetModuleHandleW
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
EncodePointer
GetLastError
SetConsoleCtrlHandler
FreeLibrary
LoadLibraryW
GetLocaleInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
WriteFile
GetStdHandle
GetModuleFileNameW
IsProcessorFeaturePresent
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
HeapDestroy
HeapFree
Sleep
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
RtlUnwind
HeapAlloc
HeapReAlloc
LCMapStringW
GetStringTypeW

ole32

OleRegGetUserType
HMETAFILEPICT_UserSize
CoSetProxyBlanket

oleaut32

DosDateTimeToVariantTime
VarR4FromR8

user32

AppendMenuA
CharNextW
GetDlgItemTextA

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 584KB - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

024f559b55363b0a0ca3afd4196d171e

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

ole32

oleaut32

user32

Sections

.text Size: 50KB - Virtual size: 49KB

.rdata Size: 584KB - Virtual size: 584KB

.data Size: 3KB - Virtual size: 11KB

.text
Size: 50KB - Virtual size: 49KB

.rdata
Size: 584KB - Virtual size: 584KB

.data
Size: 3KB - Virtual size: 11KB