4b3c5f7de6258f21f5c9792f0330790e76ac7f17e9de549f6a1d38a47f8b2222

Sharing

Copy URL Twitter E-mail

General

Target

4b3c5f7de6258f21f5c9792f0330790e76ac7f17e9de549f6a1d38a47f8b2222
Size

669KB
MD5

8030a850fd134e4e9ddf484668b36086
SHA1

e0ab5afb89bbb9610e529e1ebc258c996aa8ca20
SHA256

4b3c5f7de6258f21f5c9792f0330790e76ac7f17e9de549f6a1d38a47f8b2222
SHA512

d6763e135a7edbd04e2a591b6ed19eb1306ff36caca2a9ade4309eeedede8118f290ee4aaf9a610dd137f5e82e35bd15092680f54c6b0220754b88be5f29a629
SSDEEP

12288:Orpl/pA5frhZ/cnXPG5dnnJQi4dC1uOD:Upl/pQbUO5dnJVuOD

Score

N/A

Malware Config

Signatures

Files

4b3c5f7de6258f21f5c9792f0330790e76ac7f17e9de549f6a1d38a47f8b2222
.exe windows x86

570fed68098c2f4df4dcb03e5454002a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteW
SHGetFolderPathW

kernel32

GetCurrentProcess
CompareStringW
CompareStringA
GetVersionExW
GlobalFree
GlobalAlloc
GetProcAddress
LoadLibraryW
SetFileAttributesW
GetFileAttributesW
GetModuleFileNameW
FreeLibrary
CreateFileA
CloseHandle
GetTimeZoneInformation
GetLocaleInfoW
SetFilePointer
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetUserDefaultLCID
EnumSystemLocalesA
IsValidCodePage
IsValidLocale
GetLocaleInfoA
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
VirtualQuery
InterlockedIncrement
InterlockedDecrement
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WriteConsoleW
GetFileType
GetStdHandle
RtlUnwind
RaiseException
HeapValidate
IsBadReadPtr
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA
ExitProcess
GetLastError
SetConsoleCtrlHandler
GetModuleFileNameA
WideCharToMultiByte
TerminateProcess
SetEnvironmentVariableA
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
SetLastError
GetCurrentThread
DebugBreak
MultiByteToWideChar
lstrlenA
LoadLibraryA
FatalAppExitA
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetACP
GetOEMCP
GetCPInfo
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
WriteFile
FlushFileBuffers
GetConsoleCP
GetConsoleMode
OutputDebugStringA
OutputDebugStringW

user32

DestroyWindow
DefWindowProcW
BeginPaint
EndPaint
PostQuitMessage
CreateWindowExW
ShowWindow
UpdateWindow
DialogBoxParamW
LoadCursorW
RegisterClassExW
LoadStringW
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
EndDialog
LoadIconW

Sections

.textbss
Size: - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 424KB - Virtual size: 422KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

570fed68098c2f4df4dcb03e5454002a

Headers

File Characteristics

Imports

shell32

kernel32

user32

Sections

.textbss Size: - Virtual size: 197KB

.text Size: 424KB - Virtual size: 422KB

.rdata Size: 80KB - Virtual size: 78KB

.data Size: 8KB - Virtual size: 15KB

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 140KB - Virtual size: 140KB

.textbss
Size: - Virtual size: 197KB

.text
Size: 424KB - Virtual size: 422KB

.rdata
Size: 80KB - Virtual size: 78KB

.data
Size: 8KB - Virtual size: 15KB

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 140KB - Virtual size: 140KB