967a8bad993154566a10cc56435af83209a4e9393aaeb62e17136538a092f930

Sharing

Copy URL Twitter E-mail

General

Target

967a8bad993154566a10cc56435af83209a4e9393aaeb62e17136538a092f930
Size

556KB
MD5

810eebd3b5723b369cbf0b3165587330
SHA1

df4d763d0fd31dffff9ec0f327b76a425860e62e
SHA256

967a8bad993154566a10cc56435af83209a4e9393aaeb62e17136538a092f930
SHA512

fce6dcf9917b5c905e7860e5acbc7993926a21d25f0fe5a3b94a28323cd0f798ba8f81e52a94c3225187720087b125a2f88918c9610b08e2fc58fac562b26cf6
SSDEEP

12288:TQk8GjIC6pFqlM5eKmuF4HH9L4KIZauNfC:c06iwc1HHiKo

Score

N/A

Malware Config

Signatures

Files

967a8bad993154566a10cc56435af83209a4e9393aaeb62e17136538a092f930
.exe windows x86

52460920e9c26b5b32f2da1b9db8cddf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLocaleName
GetVersionExA
GetLastError
GetModuleHandleA
GetProcAddress
GetCurrentProcess
FormatMessageW
LocalFree
FlushFileBuffers
GetCommandLineA
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
LoadLibraryA
InitializeCriticalSectionAndSpinCount
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
CreateFileA
CloseHandle

user32

MessageBoxW

advapi32

CryptImportKey
CryptSetKeyParam
CryptEncrypt
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextA

shell32

ShellExecuteA

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 500KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

52460920e9c26b5b32f2da1b9db8cddf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 1KB - Virtual size: 1KB

.vmp0 Size: 500KB - Virtual size: 1.6MB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 1KB - Virtual size: 1KB

.vmp0
Size: 500KB - Virtual size: 1.6MB