ed2d56a7b963e9ffb6b9b48df0e9309d26759c291cfad2d8c181fcc049b1f9a2

General

Target

ed2d56a7b963e9ffb6b9b48df0e9309d26759c291cfad2d8c181fcc049b1f9a2
Size

786KB
MD5

13e9c09f6bbb97101dc6008d502e2631
SHA1

08293b0229dcee2e91f7c567797c4d05907bfad9
SHA256

ed2d56a7b963e9ffb6b9b48df0e9309d26759c291cfad2d8c181fcc049b1f9a2
SHA512

360eea7546a7925eb2b2826467fc9ea153ebce9b2378355aa620e2c5a4a7bc08bee173bb53be06df9751186ecc12b89c4bd63ddd621f862f741b1428497b1b33
SSDEEP

24576:HOgsJBVjfpo176RruYKUvdaNg6J0f34fWIi5BOG5Qm/:H+BVjC17uaYKUvda66J0f4eICN5Q

Score

N/A

Malware Config

Signatures

Files

ed2d56a7b963e9ffb6b9b48df0e9309d26759c291cfad2d8c181fcc049b1f9a2
.exe windows x86

c64c5741a160f6ca01ed4397e8a6fa71

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetFileAttributesA
GetCurrentDirectoryW
GetLastError
lstrcpyA
ReadConsoleA
GetFileTime
ReadConsoleA
CreateMutexA
ReadConsoleA
FormatMessageA
ReadFile
FindResourceA
CloseHandle
HeapCreate
lstrcatA
GetModuleHandleA
GetFileSize
InitializeCriticalSection
IsValidLocale
IsBadStringPtrW
GetStartupInfoW

msi

MsiAdvertiseProductA
MsiCreateRecord
MsiCloseAllHandles
MsiCloseHandle

user32

IsWindow
LoadCursorW
wsprintfW
GetWindowLongW
IsDialogMessageA
SetCursorPos
DispatchMessageA
SetFocus
PostMessageW
IsZoomed
PeekMessageW
IsCharLowerA
GetWindowTextA

wldap32

ldap_add

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 772KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 1024B - Virtual size: 263B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c64c5741a160f6ca01ed4397e8a6fa71

Headers

File Characteristics

Imports

kernel32

msi

user32

wldap32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 700KB

.rsrc Size: 772KB - Virtual size: 1.4MB

.text1 Size: 1024B - Virtual size: 263B

.data2 Size: 512B - Virtual size: 208B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 700KB

.rsrc
Size: 772KB - Virtual size: 1.4MB

.text1
Size: 1024B - Virtual size: 263B

.data2
Size: 512B - Virtual size: 208B