b851f2e2856ca5b8d6f4b49483a6bf2bdffb096d81bab04fbd2f4b606a1d5c8e

Sharing

Copy URL Twitter E-mail

General

Target

b851f2e2856ca5b8d6f4b49483a6bf2bdffb096d81bab04fbd2f4b606a1d5c8e
Size

556KB
MD5

6049013b37d758519908d4f427438c50
SHA1

fd4f732eb693bb5108d14d9d2b602fbebf6355fe
SHA256

b851f2e2856ca5b8d6f4b49483a6bf2bdffb096d81bab04fbd2f4b606a1d5c8e
SHA512

a0c6822de3f6c78746cc773f9fda6232353299ec390eb16f1941f9f10d23ceeba91de58b0f927c5beb3200574ed69f1a2a4661ba9498143ac5df22d1fec4f824
SSDEEP

12288:RKQkSKAEDbS97RxP0wByZ/JD/cHADY5UmrOugxybhIElrQ:RKjSKfQ7RxP4ZB27GIrgYbi

Score

N/A

Malware Config

Signatures

Files

b851f2e2856ca5b8d6f4b49483a6bf2bdffb096d81bab04fbd2f4b606a1d5c8e
.exe windows x86

374c98fba03bf0b31e355d40ae657c3e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegEnumValueA
GetUserNameA

kernel32

SetEnvironmentVariableA
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
GetComputerNameA
GetPrivateProfileStringA
DefineDosDeviceA
QueryDosDeviceA
GetDriveTypeA
lstrlenA
GetLogicalDriveStringsA
CloseHandle
FlushFileBuffers
GetStringTypeW
GetStringTypeA
SetStdHandle
GetOEMCP
GetACP
CompareStringW
CompareStringA
GetCPInfo
SetFilePointer
GetLastError
WriteFile
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
CreateDirectoryA

user32

SendDlgItemMessageA
DialogBoxParamA
ShowWindow
SetWindowTextA
GetDlgItem
EndDialog
MessageBoxA
GetSystemMetrics

swlib20070100

SYSOP_TABLE
sw_getsysop
sw_chdir
sw_RegOpenKey
sw_CharFree
sw_SZRegistry
sw_CharMalloc
sw_exist
sw_isFile
sw_isDir
sw_CentraWin
sw_exec

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 496KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

374c98fba03bf0b31e355d40ae657c3e

Headers

File Characteristics

Imports

advapi32

kernel32

user32

swlib20070100

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 3KB

.vmp0 Size: 496KB - Virtual size: 1.6MB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 3KB

.vmp0
Size: 496KB - Virtual size: 1.6MB