ffaacbfc950a5177e6af9e87116b54f68adae48ed6fbc48813ac796c48931455

Sharing

Copy URL Twitter E-mail

General

Target

ffaacbfc950a5177e6af9e87116b54f68adae48ed6fbc48813ac796c48931455
Size

127KB
MD5

4cf2810c93339eed1e27149d5edfe675
SHA1

8c3d86b1b4d0280adfb7e375b3cfb4ff2ab324b7
SHA256

ffaacbfc950a5177e6af9e87116b54f68adae48ed6fbc48813ac796c48931455
SHA512

0575bb5ef0049b0279f4d7bf2a91b0670f73e37df83a4620d4c3206e93546f785fcad81aad22273c06b19848f32f56e69a500b51333d3b41d0678c5fd7109461
SSDEEP

3072:Bsvlq7j26JPGVyW+cFlaGcQ8WdcziOuc:Bsvlqn2WuVYK0y

Score

N/A

Malware Config

Signatures

Files

ffaacbfc950a5177e6af9e87116b54f68adae48ed6fbc48813ac796c48931455
.exe windows x86

19d5e4b3972ea0d3d9bb5cbfa72131c8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

CloseServiceHandle
CopySid
InitiateSystemShutdownA
IsTextUnicode
ObjectDeleteAuditAlarmW
RegDeleteKeyA
RegSetValueExW

kernel32

Beep
CloseHandle
CreateFileA
CreateMailslotW
DeleteCriticalSection
EnterCriticalSection
EnumCalendarInfoExW
ExitProcess
GetACP
GetCPInfo
GetCommandLineA
GetCurrentThreadId
GetEnvironmentStrings
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetPrivateProfileIntW
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetVersion
GetVersionExA
GetVolumePathNameA
GlobalMemoryStatus
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MapViewOfFileEx
MultiByteToWideChar
RaiseException
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
SetLastError
SetThreadPriorityBoost
SuspendThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualQuery
WaitForMultipleObjects
WideCharToMultiByte
WriteFile
_lopen
lstrcmpA

user32

CreateDialogParamW
DdeSetUserHandle
DlgDirListComboBoxW
EndMenu
EnumPropsW
EnumThreadWindows
EnumWindows
EqualRect
GetDoubleClickTime
GetWindowModuleFileNameW
MessageBoxA
MessageBoxIndirectA
RegisterWindowMessageW
SendMessageTimeoutA
SetDlgItemTextA
SetMessageExtraInfo
wsprintfA

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 40KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19d5e4b3972ea0d3d9bb5cbfa72131c8

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 44KB

.data Size: 13KB - Virtual size: 28KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 65KB - Virtual size: 64KB

.reloc Size: 3KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 44KB

.data
Size: 13KB - Virtual size: 28KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 65KB - Virtual size: 64KB

.reloc
Size: 3KB - Virtual size: 4KB