4b58b771f82873176245582c1245eec2940e15d84ca931c89aaa7ec66ad672e6

Sharing

Copy URL Twitter E-mail

General

Target

4b58b771f82873176245582c1245eec2940e15d84ca931c89aaa7ec66ad672e6
Size

156KB
MD5

91354121819d474010972f85a9d68370
SHA1

111c484e82b06e3dc8e99f4884b2c310650baac2
SHA256

4b58b771f82873176245582c1245eec2940e15d84ca931c89aaa7ec66ad672e6
SHA512

cd0b00f0196ee8fd3481973aa8f7b7940c9d803fdf615caa791926e636f920c208197de7f41cfeb32ba13e42adc8eeb34e4493d6dbea102f69eba301c751c2e6
SSDEEP

3072:Yq6GUg0/XQuv8cxIeMqX7rjpl+8v3Qa6:JJ0Qe9/MOf1v3

Score

N/A

Malware Config

Signatures

Files

4b58b771f82873176245582c1245eec2940e15d84ca931c89aaa7ec66ad672e6
.exe windows x86

9f1133fbb4742fd17553d7de8476828b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetModuleHandleA
Sleep
GetProcAddress
InterlockedExchange
VirtualFree
ResumeThread
GetTickCount
CloseHandle
SetEvent
SystemTimeToFileTime
SetFirmwareEnvironmentVariableA
CreateMutexA
RemoveDirectoryA
GetSystemTime
GetSystemDirectoryA
GetTempPathA
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
WriteConsoleA
HeapSize
RaiseException
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
LocalFree
HeapAlloc
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapFree
GetLastError
WriteFile
HeapDestroy
HeapCreate
HeapReAlloc
IsBadWritePtr
ReadFile
TlsFree
SetLastError
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
InitializeCriticalSection
SetFilePointer
SetStdHandle
FlushFileBuffers
MultiByteToWideChar
VirtualProtect
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoA
CreateFileA

user32

DestroyWindow
EnableWindow
LoadImageA
PostMessageA
GetSystemMetrics
FindWindowA
GetFocus
EnumWindows
LoadIconA
GetActiveWindow
MessageBoxA

winmm

midiStreamOut
midiOutReset
midiStreamRestart
joySetCapture

dnsapi

DnsAcquireContextHandle_A

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f1133fbb4742fd17553d7de8476828b

Headers

File Characteristics

Imports

kernel32

user32

winmm

dnsapi

Sections

.text Size: 52KB - Virtual size: 48KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 10KB

.tls Size: 12KB - Virtual size: 8KB

.rsrc Size: 68KB - Virtual size: 64KB

.text
Size: 52KB - Virtual size: 48KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 10KB

.tls
Size: 12KB - Virtual size: 8KB

.rsrc
Size: 68KB - Virtual size: 64KB