5c64e477608b9596312b9e295b64395cc7970a7b3552ce29f34b5057e9961a75

Sharing

Copy URL Twitter E-mail

General

Target

5c64e477608b9596312b9e295b64395cc7970a7b3552ce29f34b5057e9961a75
Size

120KB
MD5

a0cc3d302786aaaf8d3d9ad347dab420
SHA1

b5ea727f8b0be0bcb0783bb36b9cc4cf0b7088f2
SHA256

5c64e477608b9596312b9e295b64395cc7970a7b3552ce29f34b5057e9961a75
SHA512

c84ed8082ef5b63f12f779eb65b0747257694649cefcce7c59f4cfd95130374a9ab3230c61259bb7cf333d9043df03154b9431e991aa8400575210e7e73bafe2
SSDEEP

1536:jlAt9p2g0JXeXuinQsuHpuLwbjVgN4A6PKdOYDmjTc:JwHSsFnQsKPpgd6PK7OT

Score

N/A

Malware Config

Signatures

Files

5c64e477608b9596312b9e295b64395cc7970a7b3552ce29f34b5057e9961a75
.exe windows x86

348fde0e5e28a7897371a6e8ba425efa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoW
QueryPerformanceCounter
GetCurrentThread
GetCurrentProcessId
GetCurrentThreadId
InterlockedIncrement
GetStartupInfoA
InterlockedDecrement
GetCurrentProcess
CompareFileTime
GetModuleHandleA
VirtualAlloc
lstrlenA
lstrlenW
WideCharToMultiByte
CreateFileA
DeleteCriticalSection
LocalAlloc
GetCommandLineW
MultiByteToWideChar
FindClose
GlobalFree
LCMapStringW
InitializeCriticalSection
LoadLibraryA
GetOEMCP
SetStdHandle
GetModuleFileNameA
WriteFile
LeaveCriticalSection
InterlockedExchange
LocalFree
HeapDestroy
HeapCreate
GetSystemInfo
CreateEventW
HeapAlloc
HeapFree
LoadLibraryW
SetLastError
WaitForSingleObject
HeapSize
ReadFile
FreeLibrary
LoadLibraryExW
WaitForSingleObjectEx
SetEndOfFile
TlsFree
GetVersionExW
LoadResource
SizeofResource
GetModuleHandleW
FormatMessageW
GetFileAttributesW
FreeLibraryAndExitThread
EnterCriticalSection
SetHandleCount
ExitProcess
GetStringTypeW
InterlockedCompareExchange
SetFilePointer
RtlUnwind
Sleep
IsValidCodePage
GetACP
GetCPInfo
TerminateProcess
IsDebuggerPresent
UnhandledExceptionFilter
GetLocaleInfoW
GetCommandLineA
HeapSetInformation
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
GetProcAddress
DecodePointer
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
GetFileType
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
GetLastError
GetTickCount
GetSystemTimeAsFileTime
FatalAppExitA
SetConsoleCtrlHandler
HeapReAlloc

user32

GetSystemMetrics

ole32

OleLoadFromStream
OleInitialize
OleRun
CoCreateGuid

msi

ord170

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

348fde0e5e28a7897371a6e8ba425efa

Headers

File Characteristics

Imports

kernel32

user32

ole32

msi

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 44KB - Virtual size: 96KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 44KB - Virtual size: 96KB

.reloc
Size: 4KB - Virtual size: 2KB