1b99f34f19956dbbf2f1e0c1ab263e923cb4c98f1218742a14606aad16a782a7

Sharing

Copy URL Twitter E-mail

General

Target

1b99f34f19956dbbf2f1e0c1ab263e923cb4c98f1218742a14606aad16a782a7
Size

138KB
MD5

724a9bc47fb4f0c23d30147f5809e877
SHA1

7541782ad17541bf2494bfab5362725312a6014b
SHA256

1b99f34f19956dbbf2f1e0c1ab263e923cb4c98f1218742a14606aad16a782a7
SHA512

5432523fc7dbbcdb481e0e9aaaa44b1bf0efb057b92521069c42aec9b2ce81b6ef1b3087b582b221040fcedc3d71eed08a292e778704d05ed2aa2f9b50258aed
SSDEEP

3072:2xzwsqbeDBRW+kVLi9xJwASVMYp+2Ud9LNtdrUZqDM:2lYbV+kweMg+nKq

Score

N/A

Malware Config

Signatures

Files

1b99f34f19956dbbf2f1e0c1ab263e923cb4c98f1218742a14606aad16a782a7
.exe windows x86

7deb2d6db407a50615ddb87de8a78c61

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PrepareTape
VirtualProtectEx
GetComputerNameW
FindNextChangeNotification
FindFirstChangeNotificationW
GetFileAttributesW
GetTempFileNameW
CopyFileW
GetShortPathNameW
GetEnvironmentVariableW
WaitForMultipleObjects
InterlockedCompareExchange
InterlockedDecrement
Sleep
GetCurrentThreadId
FreeLibrary
LoadLibraryW
GetProcAddress
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
RaiseException
DebugBreak
WideCharToMultiByte
IsDebuggerPresent
MultiByteToWideChar
lstrlenA
LoadLibraryA
SetUnhandledExceptionFilter
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThread
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualQuery
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetConsoleCtrlHandler
InterlockedExchange
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
GetLocaleInfoA
GetLocaleInfoW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 359KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7deb2d6db407a50615ddb87de8a78c61

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 79KB - Virtual size: 78KB

.rdata Size: 30KB - Virtual size: 30KB

.data Size: 26KB - Virtual size: 359KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 79KB - Virtual size: 78KB

.rdata
Size: 30KB - Virtual size: 30KB

.data
Size: 26KB - Virtual size: 359KB

.rsrc
Size: 1KB - Virtual size: 1KB