3a592300e5739f9d27e51fe0552c6234bc96369ccf8ca4811a6946f1f3b37971

General

Target

3a592300e5739f9d27e51fe0552c6234bc96369ccf8ca4811a6946f1f3b37971
Size

515KB
MD5

4572a1a297b50396a8be08b4b502dc63
SHA1

c43f60f44d77e37bc6d4068cb601ce47a83e1204
SHA256

3a592300e5739f9d27e51fe0552c6234bc96369ccf8ca4811a6946f1f3b37971
SHA512

656bdb124278df505ff81208d4fd2be7a47372736d1804f942e57c385ec6abb77bd48391de556c392c2efd7fe59c2bdbaaa1e8e8046f44a7cf76f7dfebeda973
SSDEEP

12288:pETOCmZ/fFL3/NueFNpNoWFhbbm4alXqift:pETOC6/tr/IeFNpxFlbmLR

Score

N/A

Malware Config

Signatures

Files

3a592300e5739f9d27e51fe0552c6234bc96369ccf8ca4811a6946f1f3b37971
.exe windows x86

45fa94dc639ed74ead194c267f6dcb97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr80

_encode_pointer
__set_app_type
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
__p__fmode
_invoke_watson
_controlfp_s
_crt_debugger_hook
__iob_func
fflush
free
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__winitenv
exit
_XcptFilter
_stricmp
_exit
_cexit
__wgetmainargs
_except_handler4_common
_amsg_exit

vmwarebase

ord1372
ord676
ord236
ord44
ord668
ord50
ord702
ord156
ord17
ord1074
ord182
ord380
ord378
ord708
ord512
ord48
ord654
ord657
ord41
ord34
ord54
ord520
ord43
ord3
ord46
ord21
ord25
ord499
ord508
ord507
ord365
ord36

kernel32

InterlockedExchange
InterlockedCompareExchange
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
Sleep

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 500KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

45fa94dc639ed74ead194c267f6dcb97

Headers

File Characteristics

Imports

msvcr80

vmwarebase

kernel32

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 996B

.rsrc Size: 2KB - Virtual size: 2KB

.vmp0 Size: 500KB - Virtual size: 1.6MB

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 996B

.rsrc
Size: 2KB - Virtual size: 2KB

.vmp0
Size: 500KB - Virtual size: 1.6MB