587088b679f47f80fd5ce19e6b8ad9e2a0e40f6d5ce8fe435d0ac17c7fc93959

Sharing

Copy URL Twitter E-mail

General

Target

587088b679f47f80fd5ce19e6b8ad9e2a0e40f6d5ce8fe435d0ac17c7fc93959
Size

665KB
MD5

5936fe2684b9d6d7224451e8ba99fce0
SHA1

222860f1a2127c8eae821fb90ef4fea8d492fdb8
SHA256

587088b679f47f80fd5ce19e6b8ad9e2a0e40f6d5ce8fe435d0ac17c7fc93959
SHA512

1f6852bf3ef5526b3c13145a89f69195fb93790be2205eb04866911a971b048c0cd75e9fcfb56505934f77116a8670a782b6f7ac9f4067cd229698f6a8174702
SSDEEP

12288:drpl/pA5frhZ/cnXPG5dnnJQi4dDO9IyNtk:Npl/pQbUO5dnJEYNtk

Score

N/A

Malware Config

Signatures

Files

587088b679f47f80fd5ce19e6b8ad9e2a0e40f6d5ce8fe435d0ac17c7fc93959
.exe windows x86

570fed68098c2f4df4dcb03e5454002a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteW
SHGetFolderPathW

kernel32

GetCurrentProcess
CompareStringW
CompareStringA
GetVersionExW
GlobalFree
GlobalAlloc
GetProcAddress
LoadLibraryW
SetFileAttributesW
GetFileAttributesW
GetModuleFileNameW
FreeLibrary
CreateFileA
CloseHandle
GetTimeZoneInformation
GetLocaleInfoW
SetFilePointer
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetUserDefaultLCID
EnumSystemLocalesA
IsValidCodePage
IsValidLocale
GetLocaleInfoA
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
VirtualQuery
InterlockedIncrement
InterlockedDecrement
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WriteConsoleW
GetFileType
GetStdHandle
RtlUnwind
RaiseException
HeapValidate
IsBadReadPtr
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA
ExitProcess
GetLastError
SetConsoleCtrlHandler
GetModuleFileNameA
WideCharToMultiByte
TerminateProcess
SetEnvironmentVariableA
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
SetLastError
GetCurrentThread
DebugBreak
MultiByteToWideChar
lstrlenA
LoadLibraryA
FatalAppExitA
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetACP
GetOEMCP
GetCPInfo
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
WriteFile
FlushFileBuffers
GetConsoleCP
GetConsoleMode
OutputDebugStringA
OutputDebugStringW

user32

DestroyWindow
DefWindowProcW
BeginPaint
EndPaint
PostQuitMessage
CreateWindowExW
ShowWindow
UpdateWindow
DialogBoxParamW
LoadCursorW
RegisterClassExW
LoadStringW
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
EndDialog
LoadIconW

Sections

.textbss
Size: - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 424KB - Virtual size: 422KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

570fed68098c2f4df4dcb03e5454002a

Headers

File Characteristics

Imports

shell32

kernel32

user32

Sections

.textbss Size: - Virtual size: 197KB

.text Size: 424KB - Virtual size: 422KB

.rdata Size: 80KB - Virtual size: 78KB

.data Size: 8KB - Virtual size: 15KB

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 136KB - Virtual size: 136KB

.textbss
Size: - Virtual size: 197KB

.text
Size: 424KB - Virtual size: 422KB

.rdata
Size: 80KB - Virtual size: 78KB

.data
Size: 8KB - Virtual size: 15KB

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 136KB - Virtual size: 136KB