dc234422f27e9d52e391f69f9dd081f9eaa0599a22d9253df285221e6b0012b8

Sharing

Copy URL Twitter E-mail

General

Target

dc234422f27e9d52e391f69f9dd081f9eaa0599a22d9253df285221e6b0012b8
Size

160KB
MD5

695d3416fda9c5305cee27b87168c260
SHA1

7df1de1017b00d7737d7c73497d2284031e4bbcc
SHA256

dc234422f27e9d52e391f69f9dd081f9eaa0599a22d9253df285221e6b0012b8
SHA512

6dd9c6035f6740b497fff044a615b6344ece5bdb79d11570c8316e4b5ca8a87b5c00c17e8b24adb008e7d98824fdd97fe040d4e8f86f0c59f44bbdb517ce3eac
SSDEEP

3072:7Hq+QrlvUcL2Kac7QbiONADPJLiftrEqBrULvHdm4rUmEuqIivVZ:PQrlvUcL2fbSb+EMQkZIEV

Score

N/A

Malware Config

Signatures

Files

dc234422f27e9d52e391f69f9dd081f9eaa0599a22d9253df285221e6b0012b8
.exe windows x86

648db94a8f78062effdfc537c4db98b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
InterlockedIncrement
CompareFileTime
InterlockedDecrement
GetCurrentThread
GetCurrentThreadId
GetModuleHandleA
GetCurrentProcess
GetCurrentProcessId
GetStartupInfoW
VirtualAlloc
QueryPerformanceCounter
ExitProcess
HeapFree
HeapSize
EnterCriticalSection
FreeLibrary
InitializeCriticalSection
FreeEnvironmentStringsW
GetOEMCP
CreateEventW
GetEnvironmentStringsW
SetLastError
LeaveCriticalSection
SetFilePointer
LoadResource
GetCommandLineW
FormatMessageW
lstrlenW
ReadFile
LCMapStringW
CreateFileA
DeleteCriticalSection
WriteFile
SetHandleCount
LoadLibraryA
FreeLibraryAndExitThread
HeapAlloc
WaitForSingleObject
LoadLibraryW
GetStringTypeW
WideCharToMultiByte
FindClose
MultiByteToWideChar
HeapDestroy
LocalFree
GetFileAttributesW
SetEndOfFile
CompareStringW
CompareStringA
GetTimeZoneInformation
LCMapStringA
GetStringTypeA
IsValidCodePage
IsValidLocale
SetEnvironmentVariableA
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetLocaleInfoW
GetLocaleInfoA
RtlUnwind
HeapReAlloc
GetACP
GetCPInfo
GetVersionExA
GetProcessHeap
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
GetLastError
GetCommandLineA
GetFileType
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapCreate
VirtualFree
GetTickCount
GetSystemTimeAsFileTime
FatalAppExitA
SetConsoleCtrlHandler
InterlockedExchange
Sleep

user32

GetSystemMetrics
IsChild
KillTimer
RegisterClassW
DestroyMenu
GetClientRect
MoveWindow
IsIconic
ShowWindow
CloseClipboard
ExitWindowsEx
EndPaint
GetCapture

msi

ord50

shell32

SHGetIconOverlayIndexA

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

648db94a8f78062effdfc537c4db98b0

Headers

File Characteristics

Imports

kernel32

user32

msi

shell32

Sections

.text Size: 88KB - Virtual size: 84KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 52KB - Virtual size: 92KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 88KB - Virtual size: 84KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 52KB - Virtual size: 92KB

.reloc
Size: 4KB - Virtual size: 3KB