2f2a39b663902df0d277c4c764910970d325a9e5137cef3fdb5fa228a40293b3

Sharing

Copy URL Twitter E-mail

General

Target

2f2a39b663902df0d277c4c764910970d325a9e5137cef3fdb5fa228a40293b3
Size

161KB
MD5

805e9bd3ad7599025ff793991cc19d70
SHA1

afdc335d14ed4f44aeca27137ab8fab66d99013f
SHA256

2f2a39b663902df0d277c4c764910970d325a9e5137cef3fdb5fa228a40293b3
SHA512

fc9c85111a9fd3dce08d073f917b9ed9952bd27de5d1cf97d2d14c1e297c701e3c69de9a16a4e2c53b265adf62dc69eb13b7c2e0353298667c3f0fb1e9297ebc
SSDEEP

3072:4Dr3mW7TwKyYL6XNkAWgidEfE+OLCiYFsGJS4U83GwGw:4DiGhmkrJE8+OL2BsI2S

Score

N/A

Malware Config

Signatures

Files

2f2a39b663902df0d277c4c764910970d325a9e5137cef3fdb5fa228a40293b3
.exe windows x86

509d09789bce24fb70348e054d2ccc18

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageA
MulDiv
IsBadStringPtrA
Module32First
VirtualQueryEx
GetLocaleInfoW
GetStartupInfoA
WriteFile
InterlockedIncrement
FileTimeToSystemTime
FreeLibrary
GetEnvironmentStringsW
GetEnvironmentStrings
GetStringTypeW
GetConsoleMode
IsBadReadPtr
GetProcessWorkingSetSize
SetProcessWorkingSetSize
QueryPerformanceCounter
DuplicateHandle
HeapFree
GetModuleHandleA
GetCommandLineA
GetConsoleOutputCP
DeviceIoControl
HeapSize
LeaveCriticalSection
SetEndOfFile
GetModuleFileNameA

user32

SetDlgItemTextA
CopyRect
InflateRect
ClientToScreen
PostQuitMessage
GetCursorPos
GetSysColor
DeleteMenu
SetClipboardData
ShowWindowAsync
PtInRect
RegisterClassA
GetSystemMetrics
EnumChildWindows
IsDlgButtonChecked
LoadAcceleratorsA
DialogBoxParamA
EnableMenuItem
CreateDialogParamA
SetTimer
wsprintfA
GetDlgCtrlID
PeekMessageA
SystemParametersInfoA
IntersectRect
SetCapture
GetWindowTextA
CheckRadioButton
FindWindowA

gdi32

LineTo
GetTextMetricsA
GetStockObject
GetDeviceCaps
GetObjectA
SaveDC
CreateRectRgn
DeleteObject
CreateDIBSection
CreateFontIndirectA
GetBkColor
SelectObject
DeleteDC
SetTextAlign
SelectClipRgn
SetBkColor
EndPage
SetROP2
CreatePen
SetTextColor

msvcrt

_mkdir
__p__commode
__set_app_type
_isnan
fseek
__getmainargs
_putws
system
_initterm
memcmp
__p__fmode
__setusermatherr
_aligned_offset_malloc
_wpopen
_acmdln
_except_handler3
exit
_winmajor
_findclose
printf
fputc
_cputs
_controlfp
_adjust_fdiv
_wsopen
_rmtmp
_XcptFilter
_exit
memcpy
_wstat64
_aligned_offset_realloc
iswascii
_wfreopen
_fgetwchar
asctime
_futime64
calloc
_clearfp

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

509d09789bce24fb70348e054d2ccc18

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

Sections

.text Size: 27KB - Virtual size: 26KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 184KB

.rsrc Size: 126KB - Virtual size: 126KB

.text
Size: 27KB - Virtual size: 26KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 184KB

.rsrc
Size: 126KB - Virtual size: 126KB