4f42b7dbfaf85f75c1bda1d3b6e03d75e6a552ea29c2b1f379886369ee0acef5

Sharing

Copy URL Twitter E-mail

General

Target

4f42b7dbfaf85f75c1bda1d3b6e03d75e6a552ea29c2b1f379886369ee0acef5
Size

4.3MB
MD5

80a8a0653d5321472db4463bf9a6fa01
SHA1

7a7fe3c32152dcee4a50090336e6b74b06fef44d
SHA256

4f42b7dbfaf85f75c1bda1d3b6e03d75e6a552ea29c2b1f379886369ee0acef5
SHA512

ac811c7b531aeef5b231d2b5b14eb1f5cb903968bb5081c6c73781ec23d0744a8845639dc2057b345046a1dc260a6a0ef8319cded10ece7661e334decda26f0d
SSDEEP

98304:xfBUXSTsklpB53lb+R2mMRb5XD67r2c6jQHRnb10+hIe5:xf/TsklP51b+R2JbXQCMxb1Hn5

Score

N/A

Malware Config

Signatures

Files

4f42b7dbfaf85f75c1bda1d3b6e03d75e6a552ea29c2b1f379886369ee0acef5
.exe windows x86

8f1c432cd73af8856ff3881d4e330a21

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidCreateSequential

kernel32

WriteConsoleW
SetFilePointer
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
FindResourceExW
LoadResource
SizeofResource
CreateFileW
GetLastError
CreateFileMappingW
LockResource
CloseHandle
WriteFile
ReadFile
FreeLibrary
LoadLibraryExW
CreateDirectoryW
GetSystemDirectoryW
FormatMessageW
GetFileAttributesW
GetModuleFileNameW
GetSystemDirectoryA
MultiByteToWideChar
GetTempPathW
GetCurrentDirectoryW
SetLastError
GetProcAddress
MoveFileW
SetCurrentDirectoryW
RemoveDirectoryW
DeleteFileW
TlsGetValue
VirtualQuery
HeapAlloc
GetCurrentProcess
HeapFree
GetTickCount
GetProcessHeap
InitializeCriticalSection
TlsSetValue
LeaveCriticalSection
FlushInstructionCache
VirtualAlloc
EnterCriticalSection
GetSystemInfo
GetModuleHandleA
VirtualProtect
DeleteCriticalSection
GetVersionExA
TlsAlloc
GetCurrentProcessId
TlsFree
FlushFileBuffers
LocalAlloc
InterlockedExchange
LoadLibraryA
RaiseException
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
GetStringTypeW
EncodePointer
DecodePointer
Sleep
GetCommandLineW
HeapSetInformation
GetStartupInfoW
GetCPInfo
RtlUnwind
LCMapStringW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
GetModuleHandleW
ExitProcess
GetStdHandle
GetLocaleInfoW
GetACP
GetOEMCP
IsValidCodePage
GetCurrentThreadId
IsProcessorFeaturePresent
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapSize
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
HeapReAlloc
LoadLibraryW
GetConsoleCP
GetConsoleMode
SetStdHandle

Exports

Exports

ExtractLzmaFile
ExtractLzmaRes
ExtractSzipFile
ExtractSzipRes

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164.5MB - Virtual size: 164.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f1c432cd73af8856ff3881d4e330a21

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

kernel32

Exports

Exports

Sections

.text Size: 118KB - Virtual size: 118KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 6KB - Virtual size: 22KB

.rsrc Size: 164.5MB - Virtual size: 164.5MB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 118KB - Virtual size: 118KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 6KB - Virtual size: 22KB

.rsrc
Size: 164.5MB - Virtual size: 164.5MB

.reloc
Size: 9KB - Virtual size: 8KB