25090ea2f287ec9836a5a7100de575cb371175bf22c9037b947535e8c235fd04

Sharing

Copy URL Twitter E-mail

General

Target

25090ea2f287ec9836a5a7100de575cb371175bf22c9037b947535e8c235fd04
Size

261KB
MD5

596780fb622976bfd319b951a3d1c976
SHA1

1daec90444386c5356fb4bb39e4aba429f3c77fa
SHA256

25090ea2f287ec9836a5a7100de575cb371175bf22c9037b947535e8c235fd04
SHA512

7d14e36f36fd07393461a16d08ff6b845e203485239a218cb575060dcfac8724a43c0b93ae3750d21f6fe2a643f8fc2a183e92b40ada97112cf6120832c58b86
SSDEEP

6144:JcK2qpjoIMRhvfdH5ybGnFLZ6trdzIbnAVSz:JcK2OP+hH951/6DUbAs

Score

N/A

Malware Config

Signatures

Files

25090ea2f287ec9836a5a7100de575cb371175bf22c9037b947535e8c235fd04
.exe windows x86

31ae981ccb78cbba3d181aab353223af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
ReadFileScatter
TerminateThread
EnumResourceTypesW
SetTimeZoneInformation
_llseek
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
WriteFile
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetProcAddress
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapReAlloc
VirtualAlloc
HeapFree
VirtualFree
HeapCreate
HeapDestroy
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapAlloc
FindNextFileA
LCMapStringW
GetEnvironmentStrings
LocalLock

oleaut32

VarDecFromDate
SafeArrayDestroyData
VarFormatNumber
VarRound
VarDateFromDec
RegisterTypeLi
SetErrorInfo
CreateTypeLib2
SafeArrayCopyData
SafeArrayUnlock
SafeArrayGetIID
SafeArrayGetRecordInfo
VarDecFromDisp
SafeArrayDestroy
SafeArrayAccessData
RevokeActiveObject
VarUdateFromDate
SafeArrayGetElement
SafeArrayPutElement
VarParseNumFromStr
VarBstrFromDate
VarFormatDateTime
VariantCopyInd
VarDecCmp
VarFormat
VarImp
BstrFromVector
VarBoolFromDec
VarSu
SafeArraySetRecordInfo
GetRecordInfoFromTypeInfo
VarMul
VarBoolFromStr
SafeArrayCopy
VarDecCmpR8
VarDecNeg
CreateTypeLi
VarDiv
VarXor
VariantCopy
DispGetParam

advapi32

RegCloseKey
RegOpenKeyA

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31ae981ccb78cbba3d181aab353223af

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

oleaut32

advapi32

Sections

.text Size: 168KB - Virtual size: 168KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 85KB - Virtual size: 86KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 168KB - Virtual size: 168KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 85KB - Virtual size: 86KB

.rsrc
Size: 3KB - Virtual size: 3KB