2f2a4fd65d8dcb4f61cce58529a76bae26c56270412a37a01ba4d80612714fa0

Sharing

Copy URL Twitter E-mail

General

Target

2f2a4fd65d8dcb4f61cce58529a76bae26c56270412a37a01ba4d80612714fa0
Size

423KB
MD5

063a8daf73682710c4c414207b667ea0
SHA1

387535cbcc74a0402d825aee5fe9a0d29055373a
SHA256

2f2a4fd65d8dcb4f61cce58529a76bae26c56270412a37a01ba4d80612714fa0
SHA512

f6f1b44e8cf16e8e1f878069ab0cf9f19c5f55f507e7c8eed2024a7cfde609c267b2b816891dfa5574a9d3bba9f4bda7cc13e59987e5957ac87bd10acfd57dff
SSDEEP

6144:a2OEg7PVjaBi1sjBHAJ7o4UXjQTeAuaxFkRivx6:aD7djaB7OoRTQTcaxw

Score

N/A

Malware Config

Signatures

Files

2f2a4fd65d8dcb4f61cce58529a76bae26c56270412a37a01ba4d80612714fa0
.exe windows x86

6b69e45ecde64ee5d5707adc4f47a5a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
GetTickCount
LockResource
HeapDestroy
SizeofResource
HeapAlloc
FindResourceW
CloseHandle
HeapFree
FindResourceExW
GetModuleFileNameW
CreateEventW
CreateFileMappingW
SetLastError
MapViewOfFile
UnmapViewOfFile
CreateFileA
LoadResource
ReadFileEx
WaitForSingleObjectEx
VirtualLock
CreateMutexW
VirtualUnlock
GetCurrentProcess
SetCurrentDirectoryA
CreateDirectoryW
SetProcessWorkingSetSize
SetEvent
FreeLibrary
LoadLibraryA
CreateFileW
GetFileSize
DeviceIoControl
GetLastError
ResetEvent
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
Sleep
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc
GetVersionExA
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetVersionExW
RaiseException

user32

SetTimer
EndPaint
BeginPaint
TranslateMessage
DefWindowProcW
DestroyWindow
UpdateWindow
RegisterClassExW
LoadCursorW
LoadIconW
TranslateAcceleratorW
DispatchMessageW
LoadAcceleratorsW
GetMessageW
LoadStringW
PostQuitMessage
UnregisterClassA
KillTimer
CreateWindowExW

shell32

SHGetSpecialFolderPathW

exceptcatch

SetExceptionCatcher

shlwapi

PathCombineW
PathFileExistsW
PathCombineA

msvcr80

_CxxThrowException
_controlfp_s
_invoke_watson
__CxxFrameHandler3
??3@YAXPAX@Z
memmove_s
wcscpy_s
memcpy_s
wcsrchr
_vsnprintf_s
_vsnwprintf_s
??2@YAPAXI@Z
free
memset
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_except_handler4_common
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 388KB - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6b69e45ecde64ee5d5707adc4f47a5a5

Headers

File Characteristics

Imports

kernel32

user32

shell32

exceptcatch

shlwapi

msvcr80

Sections

.text Size: 12KB - Virtual size: 10KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 388KB - Virtual size: 388KB

.text
Size: 12KB - Virtual size: 10KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 388KB - Virtual size: 388KB