882e1117f9423ffb358e038f1f812e2ffcaddf45f8bfbf111c4329dc8db95ffa

Sharing

Copy URL Twitter E-mail

General

Target

882e1117f9423ffb358e038f1f812e2ffcaddf45f8bfbf111c4329dc8db95ffa
Size

245KB
MD5

49e5698c6dc792113c235e146115e810
SHA1

651dcf91a725e7a9cab5450b5a22e901f65d95ea
SHA256

882e1117f9423ffb358e038f1f812e2ffcaddf45f8bfbf111c4329dc8db95ffa
SHA512

0e649c1772206e899ff15585da4eb30af6f1d5b2592d86693cf96692653d03936c03357893c0c7236adad62cddca8a796503c954174e5c48fcb3fe2d157453a6
SSDEEP

6144:cYDdl9OQuKFdzaH6E52MdWTBD1yZ5qG8obQ+:cF/KFBMdWTrg5f

Score

N/A

Malware Config

Signatures

Files

882e1117f9423ffb358e038f1f812e2ffcaddf45f8bfbf111c4329dc8db95ffa
.exe windows x86

882d68fa2a563428f8dbe2ce7fe61baf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
ReadFile
CreateFileW
MultiByteToWideChar
CloseHandle
WideCharToMultiByte
FindFirstFileA
GetLastError
FindClose
GetModuleFileNameA
FindNextFileA
GetModuleHandleA
GetCurrentThreadId
GetCurrentProcessId
ResumeThread
LCMapStringW
WaitForSingleObject
CreateRemoteThread
GetPrivateProfileIntA
VirtualFreeEx
Sleep
CreateProcessA
GetProcAddress
VirtualAllocEx
GetPrivateProfileStringA
WritePrivateProfileStringA
WriteProcessMemory
lstrcpyA
GetThreadContext
SetThreadContext
FreeLibrary
VirtualFree
VirtualQueryEx
ReadProcessMemory
TerminateProcess
VirtualAlloc
VirtualProtectEx
LoadLibraryA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetProcessHeap
SetEndOfFile
WriteConsoleW
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetFileType
HeapAlloc
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
ExitProcess
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
LCMapStringA
GetCPInfo
HeapCreate
HeapReAlloc
SetStdHandle
SetHandleCount
GetStdHandle
WriteFile
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetTimeZoneInformation
CreateFileA
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
GetFileAttributesA

user32

MessageBoxA
EndDialog
CheckRadioButton
SetWindowTextA
DialogBoxParamA

Sections

.text
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

882d68fa2a563428f8dbe2ce7fe61baf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 142KB - Virtual size: 142KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 7KB - Virtual size: 21KB

.rsrc Size: 6KB - Virtual size: 5KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 142KB - Virtual size: 142KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 7KB - Virtual size: 21KB

.rsrc
Size: 6KB - Virtual size: 5KB

.rmnet
Size: 56KB - Virtual size: 60KB