f766f96e582d4234e65d109f5545d1c7e4e49b6ce874cb88acd2a89f3f84970b

Sharing

Copy URL Twitter E-mail

General

Target

f766f96e582d4234e65d109f5545d1c7e4e49b6ce874cb88acd2a89f3f84970b
Size

390KB
MD5

181c04b9c844e92d2d56f3b52e0d2575
SHA1

344fb2689d81cd5dbcd25c3b5c03444abef7a596
SHA256

f766f96e582d4234e65d109f5545d1c7e4e49b6ce874cb88acd2a89f3f84970b
SHA512

cff6f66605ee927144d4e64272d9dfbda6c0ca9a89b0105b9c5d65109c0716ab8675cf259ac5df7df833b6fdf46d959ff514802999ff6db4b8facb11d55f9ccc
SSDEEP

6144:EAugtoJ4NHZA3XqW+uTGMPjwTJh8ZqrgLXHuWtjamUvoDojHPUMTjGo3:ug2J4N16VPjwdh88+OWhBeoAvZTD

Score

N/A

Malware Config

Signatures

Files

f766f96e582d4234e65d109f5545d1c7e4e49b6ce874cb88acd2a89f3f84970b
.exe windows x86

9a4d6a397dec5de0bdb2fa6250fd429b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
ResumeThread
CreateFileA
LoadLibraryA
GetLastError
VirtualFree
VirtualAlloc
GetModuleHandleA
GetSystemTime
Sleep
ReadFile
FlushViewOfFile
MapViewOfFile
GetFileSize
GlobalFree
LocalAlloc
WriteFile
GlobalAlloc
FindClose
FindNextFileA
FreeLibrary
EndUpdateResourceA
UpdateResourceA
SizeofResource
BeginUpdateResourceA
LockResource
LoadResource
HeapAlloc
SuspendThread
FreeResource
VirtualProtect
GetProcAddress
SetLastError
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetFilePointer
FlushFileBuffers
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
SetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
ExitProcess
CreateThread
CloseHandle
HeapFree
CopyFileA
WaitForMultipleObjects
GetCurrentProcess
TerminateProcess
HeapReAlloc
HeapCreate
HeapDestroy
GetVersion
GetCommandLineA
GetStartupInfoA

user32

CreateWindowExA
GetClientRect
DefWindowProcA
GetIconInfo
GetDC
GetDesktopWindow
IsWindow
ShowWindow
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassExA
CopyImage
DrawIcon
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
LoadStringA
LoadAcceleratorsA
ReleaseDC

gdi32

CreatePenIndirect
CreateCompatibleBitmap
GetDIBits
GetObjectA
DeleteObject

ole32

CoCreateInstance
CoUninitialize

lz32

GetExpandedNameA

pdh

PdhAddCounterA
PdhOpenQueryA
PdhCollectQueryData

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sdata
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9a4d6a397dec5de0bdb2fa6250fd429b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

lz32

pdh

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 172KB - Virtual size: 692KB

.rsrc Size: 4KB - Virtual size: 3KB

.sdata Size: 142KB - Virtual size: 142KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 172KB - Virtual size: 692KB

.rsrc
Size: 4KB - Virtual size: 3KB

.sdata
Size: 142KB - Virtual size: 142KB