f87b7fb19ef99f4ff59e21ede9ab4984a2a8c4ec0cf0ab1bae15dba6e106ec1b

Sharing

Copy URL Twitter E-mail

General

Target

f87b7fb19ef99f4ff59e21ede9ab4984a2a8c4ec0cf0ab1bae15dba6e106ec1b
Size

5.0MB
MD5

f338448a36f32448b243fc63b6e715ce
SHA1

69bd816b7093f279f5a686ec4593c3243c14c3b4
SHA256

f87b7fb19ef99f4ff59e21ede9ab4984a2a8c4ec0cf0ab1bae15dba6e106ec1b
SHA512

ae3fa48c37781c6d3255a0b6fda320b2febd2f3b0741e958b4c782fb2462466a1cfcd4ab0e791a71677bb3919c655dc9a2b99fb1c1ae4859b0ea2035a3920550
SSDEEP

98304:eMlZNbob/WcC6FHSx1PlaqSOOVVuNo19yW:ttArkQqZOCMIW

Score

N/A

Malware Config

Signatures

Files

f87b7fb19ef99f4ff59e21ede9ab4984a2a8c4ec0cf0ab1bae15dba6e106ec1b
.exe windows x86

e679a07553db2e53ce0fb07074f47038

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileW
GetFileSize
GetTempPathW
ReadFile
SetEndOfFile
WaitForSingleObject
CreateProcessW
GetExitCodeProcess
GetCurrentDirectoryW
GetProcAddress
GetCurrentProcess
TerminateProcess
GetStartupInfoW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetLastError
MultiByteToWideChar
WideCharToMultiByte
SetFilePointer
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
RemoveDirectoryW
WriteConsoleW
SetStdHandle
ReadConsoleW
LoadLibraryExW
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetOEMCP
GetACP
IsValidCodePage
GetSystemTimeAsFileTime
FindClose
SetUnhandledExceptionFilter
FindNextFileW
FindFirstFileW
SetFileAttributesW
GetTempFileNameW
DeleteFileW
Sleep
MoveFileExW
SizeofResource
LockResource
LoadResource
FindResourceW
CloseHandle
WriteFile
CreateFileW
CreateDirectoryW
lstrcpynW
GetFileAttributesW
GetModuleHandleW
GetModuleFileNameW
DeleteCriticalSection
DecodePointer
HeapSize
GetLastError
RaiseException
HeapDestroy
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
GetStdHandle
GetCurrentThreadId
GetModuleHandleExW
ExitProcess
LCMapStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
UnhandledExceptionFilter
GetCPInfo
RtlUnwind
IsProcessorFeaturePresent
GetCommandLineW
GetStringTypeW
EncodePointer
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringW
IsDebuggerPresent
GetTickCount

shlwapi

wnsprintfW
PathAddBackslashW
PathFileExistsW

Sections

.text
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e679a07553db2e53ce0fb07074f47038

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shlwapi

Sections

.text Size: 127KB - Virtual size: 127KB

.rdata Size: 42KB - Virtual size: 42KB

.data Size: 6KB - Virtual size: 14KB

.rsrc Size: 5.1MB - Virtual size: 5.1MB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 127KB - Virtual size: 127KB

.rdata
Size: 42KB - Virtual size: 42KB

.data
Size: 6KB - Virtual size: 14KB

.rsrc
Size: 5.1MB - Virtual size: 5.1MB

.reloc
Size: 6KB - Virtual size: 6KB