08ef832ab4e3b02425fbc4160415a17ef2070dd92bfc71e85cd722c2c79bb996

Sharing

Copy URL Twitter E-mail

General

Target

08ef832ab4e3b02425fbc4160415a17ef2070dd92bfc71e85cd722c2c79bb996
Size

84KB
MD5

4deb06e74eaf2fd0465db8275967db98
SHA1

51a82f27193ccc4beaf89d6c6899e44cd29f644f
SHA256

08ef832ab4e3b02425fbc4160415a17ef2070dd92bfc71e85cd722c2c79bb996
SHA512

744e9a6f7480f32e86a204bd2d9d6951c5a2f96683be658045e10f8ee76b99f8191536121ced39d674529d498bed816b00decb26125014018624f0f22346484d
SSDEEP

768:0fPGUytp2IrFCm5YM60AD2HqJ1CMb2exDHoTmGHNftXJdau44OxVp4zefO4y0Uis:0HGUdgObDQ6KKo9tVzp44OxVGQp17nQ

Score

N/A

Malware Config

Signatures

Files

08ef832ab4e3b02425fbc4160415a17ef2070dd92bfc71e85cd722c2c79bb996
.exe windows x86

850ffdbaa017812eb2317ab8d014ba33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetCurrentThreadId
WriteFile
InitializeCriticalSection
GetCommandLineA
lstrcmpiA
WaitForSingleObject
CreateEventA
CreateThread
DeleteCriticalSection
InterlockedIncrement
CreateFileA
SetEvent
WideCharToMultiByte
lstrlenW
MultiByteToWideChar
InterlockedDecrement
TerminateProcess
GetCurrentProcess
HeapFree
SetStdHandle
LoadLibraryA
GetProcAddress
GetCPInfo
HeapAlloc
SetUnhandledExceptionFilter
SetFilePointer
GetLastError
IsBadReadPtr
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetTempPathA
HeapReAlloc
VirtualAlloc
CloseHandle
IsBadCodePtr
RtlUnwind
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
IsBadWritePtr
VirtualFree
GetEnvironmentStrings
GetACP
GetOEMCP
FlushFileBuffers
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetFileType
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate

user32

GetMessageA
DispatchMessageA
PeekMessageA
PostThreadMessageA
CharNextA
MessageBoxA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHFileOperationA

ole32

CoInitialize
CoUninitialize
CoRegisterMessageFilter
CoCreateInstance

oleaut32

SysStringLen
SysAllocStringLen
SysFreeString
SysAllocString

atl

ord18
ord32
ord21
ord20
ord23
ord57
ord16
ord17
ord30

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

850ffdbaa017812eb2317ab8d014ba33

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

atl

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 28KB - Virtual size: 28KB