a64c9a978aa3dcaeabc066e83addf2d940ae75eca4a5804a2fbcdc82a9c16057

General

Target

a64c9a978aa3dcaeabc066e83addf2d940ae75eca4a5804a2fbcdc82a9c16057
Size

612KB
MD5

827a47f03a431d29e06954bc42551700
SHA1

75997ab437dfde179c7f6692e19787cccb3a9a0e
SHA256

a64c9a978aa3dcaeabc066e83addf2d940ae75eca4a5804a2fbcdc82a9c16057
SHA512

a229dfc55767fb47aa67d350917afe5ce6f9cf29312dfb96f9df5eccc96053fed5680efd7b43ade6ac0c32f85ba66ec1d7a8ecfb0c1496b08d77373977e24c72
SSDEEP

12288:vBJetLCbsMku4En+Q2+DmAsuetgUQsQBsIf/zHGPD:vBJetLCbJku4EnJtDmPuetvnQBsc/D

Score

N/A

Malware Config

Signatures

Files

a64c9a978aa3dcaeabc066e83addf2d940ae75eca4a5804a2fbcdc82a9c16057
.dll windows x86

5ac6d313e7999445361a77ec4f33375e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
GetCurrentThreadId
GetModuleHandleW
ReadFile
GetLastError
GetTickCount
GetCurrentProcessId
LeaveCriticalSection
WideCharToMultiByte
GetModuleFileNameW
QueryPerformanceCounter
GetVersionExA
LocalFree
InitializeCriticalSection
UnhandledExceptionFilter
EnterCriticalSection
FreeLibrary
GetModuleHandleA
InterlockedExchange
MultiByteToWideChar
InterlockedDecrement
DeleteCriticalSection
WaitForSingleObject
CloseHandle
SetUnhandledExceptionFilter
VirtualAlloc
CreateFileW
InterlockedIncrement
SetEvent
GetDateFormatA
RaiseException

shell32

SHGetSpecialFolderLocation
DragAcceptFiles
ShellExecuteW
SHAddToRecentDocs

advapi32

RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryInfoKeyW
RegCloseKey

Exports

Exports

ExecCodeModuleEx
NewWrapper
SetEncoding
StringAFromFormat
UnicodeFilename
VaParse
_Concat

Sections

.text
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ac6d313e7999445361a77ec4f33375e

Headers

File Characteristics

Imports

kernel32

shell32

advapi32

Exports

Exports

Sections

.text Size: 176KB - Virtual size: 173KB

.rdata Size: 100KB - Virtual size: 97KB

.data Size: 112KB - Virtual size: 112KB

.rsrc Size: 212KB - Virtual size: 211KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 176KB - Virtual size: 173KB

.rdata
Size: 100KB - Virtual size: 97KB

.data
Size: 112KB - Virtual size: 112KB

.rsrc
Size: 212KB - Virtual size: 211KB

.reloc
Size: 8KB - Virtual size: 7KB