fea7cc5d847cfebe62eb92f619f7b68341da71229493b67c74059dccde3a5d1a

Sharing

Copy URL Twitter E-mail

General

Target

fea7cc5d847cfebe62eb92f619f7b68341da71229493b67c74059dccde3a5d1a
Size

165KB
MD5

6d6fc6fa0e1aa886b058b32afceac500
SHA1

43d4619c895ce5d42df75f11cd9843b29e0645d3
SHA256

fea7cc5d847cfebe62eb92f619f7b68341da71229493b67c74059dccde3a5d1a
SHA512

c5249a4d0ecd4806d05b2ed5523bd667c1ea91f8c5e935d5c4a1d31dce881c76840b3cd57e548115a85cb587896e824e3a173f248787f705ccce1c8f6c5b081a
SSDEEP

3072:FJMguKf5dYoVxlMNix1gMG0cz3hpPxdWPSFrAyU84bPG/h+ruEGNK:cgdWNy1gMIRqSFr1LoPGIGk

Score

N/A

Malware Config

Signatures

Files

fea7cc5d847cfebe62eb92f619f7b68341da71229493b67c74059dccde3a5d1a
.exe windows x86

7f6b0f4484120db54b31913dcccbe73c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

EnumProcesses
EnumProcessModules
GetModuleFileNameExA

kernel32

GetVersionExA
CloseHandle
OpenProcess
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemTimeAsFileTime
GetLastError
CreateProcessA
DeleteFileA
CreateFileA
CreateDirectoryA
GetModuleHandleA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
SetFilePointer
FlushFileBuffers
GetCPInfo
GetOEMCP
GetACP
IsBadCodePtr
SetStdHandle
GetLocaleInfoA
VirtualProtect
HeapAlloc
IsBadReadPtr
VirtualQuery
InterlockedExchange
GetStartupInfoA
ExitProcess
RtlUnwind
RaiseException
HeapFree
TerminateProcess
GetCurrentProcess
GetSystemInfo
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetModuleFileNameA
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
HeapSize
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType

user32

SetWindowTextA
SetForegroundWindow
SetDlgItemTextA
EndDialog
FindWindowA
EnumWindows
GetWindowTextA
LoadStringA
DialogBoxParamA
SendMessageA
SetWindowPos

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegOpenKeyA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7f6b0f4484120db54b31913dcccbe73c

Headers

File Characteristics

Imports

psapi

kernel32

user32

advapi32

shell32

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 100KB - Virtual size: 100KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 100KB - Virtual size: 100KB