c632e7eeab264b4fcecb8ed0bdb28e468cc2068434aed2fc3c8dd1c5610539c5

General

Target

c632e7eeab264b4fcecb8ed0bdb28e468cc2068434aed2fc3c8dd1c5610539c5
Size

949KB
MD5

47f984045d1f82831c61ce2b5dd39810
SHA1

292432328da89dc45a130ec81903303093294ed1
SHA256

c632e7eeab264b4fcecb8ed0bdb28e468cc2068434aed2fc3c8dd1c5610539c5
SHA512

866167a45bc4636a869d3327c3d055e5d9e6a8a768be2e6fa5d97239c0bba19498b60c6f0d0ffbcdf883aa40dab466fefdee68e1de83d788e2130a61574e1d2e
SSDEEP

24576:A1IsJeNhaodobEwqA0EF763ztkdKldbVa:QIsJ63+bEfDEF7qZkdkbV

Score

N/A

Malware Config

Signatures

Files

c632e7eeab264b4fcecb8ed0bdb28e468cc2068434aed2fc3c8dd1c5610539c5
.exe windows x86

838aedcd0095eb96c227963c269abc0c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
LoadLibraryW
GetProcAddress
GetLastError
GetSystemDirectoryW
FreeLibrary
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
GetModuleHandleW
GetProcessHeap
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
VirtualProtect
IsDebuggerPresent

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

msvcr80

_crt_debugger_hook
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
__set_app_type

Exports

Exports

DllGetLCID
wdCommandDispatch
wdGetApplicationObject

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 386KB - Virtual size: 385KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 556KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

838aedcd0095eb96c227963c269abc0c

Headers

File Characteristics

Imports

kernel32

advapi32

msvcr80

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 900B

.rsrc Size: 386KB - Virtual size: 385KB

.reloc Size: 556KB - Virtual size: 2.3MB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 900B

.rsrc
Size: 386KB - Virtual size: 385KB

.reloc
Size: 556KB - Virtual size: 2.3MB