8b4041994d5f3044dea0380d2bede77bb2951f63020fe2e6a2fad7dcf43e1148

Sharing

Copy URL Twitter E-mail

General

Target

8b4041994d5f3044dea0380d2bede77bb2951f63020fe2e6a2fad7dcf43e1148
Size

121KB
MD5

9031919eefbbbe0e43d9e26991619950
SHA1

c50dbe2e712a827e1634b7077f0653bed3e73c1d
SHA256

8b4041994d5f3044dea0380d2bede77bb2951f63020fe2e6a2fad7dcf43e1148
SHA512

08cd66dd7b82592bc2864ebf72588bf178dfd9f62b7da512575d5955a49b3fcd92039f7a83855b3338be130cba06900490b3e410579c1e3fc36867f6fc2cec5b
SSDEEP

1536:Zd0Uf0Yb4cUEng9KAHsrWkEMYITobIn/9ymHPN8mcWs2dKmHVxXh8dqmrb0tduVf:UQX4KjTERGQiyEN8rgJbmMHyQc

Score

N/A

Malware Config

Signatures

Files

8b4041994d5f3044dea0380d2bede77bb2951f63020fe2e6a2fad7dcf43e1148
.exe windows x86

c64b0a6ef815f9589116b546cd49970c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptBinaryToStringA

user32

GetCursorPos

kernel32

CloseHandle
CreateFileA
FreeEnvironmentStringsA
GetCommandLineA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetStringTypeA
GetTickCount
GetTimeZoneInformation
GetVersionExA
LCMapStringA
LoadLibraryA
MultiByteToWideChar
SetFilePointer
UnhandledExceptionFilter
VirtualProtect
WideCharToMultiByte
WriteFile
CompareStringA

advapi32

RegOpenKeyExA
RegQueryValueExA

ulib

??0ARGUMENT_LEXEMIZER@@QAE@XZ
??0ARRAY@@QAE@XZ
??0CLASS_DESCRIPTOR@@QAE@XZ
??0DSTRING@@QAE@XZ
??0FLAG_ARGUMENT@@QAE@XZ
??0PATH@@QAE@XZ
??0PROGRAM@@IAE@XZ
??0STRING_ARGUMENT@@QAE@XZ
??1ARGUMENT_LEXEMIZER@@UAE@XZ
??1ARRAY@@UAE@XZ
??1DSTRING@@UAE@XZ
??1OBJECT@@UAE@XZ
??1PROGRAM@@UAE@XZ
??1STRING_ARGUMENT@@UAE@XZ
?Compare@OBJECT@@UBEJPBV1@@Z
?DisplayMessage@PROGRAM@@UBAEKW4MESSAGE_TYPE@@PADZZ
?DisplayMessage@PROGRAM@@UBEEKW4MESSAGE_TYPE@@@Z
?DoParsing@ARGUMENT_LEXEMIZER@@QAEEPAVARRAY@@@Z
?Fatal@PROGRAM@@UBAXKKPADZZ
?Fatal@PROGRAM@@UBEXXZ
?GetStandardError@PROGRAM@@UAEPAVSTREAM@@XZ
?GetStandardInput@PROGRAM@@UAEPAVSTREAM@@XZ
?GetStandardOutput@PROGRAM@@UAEPAVSTREAM@@XZ
?Initialize@ARGUMENT_LEXEMIZER@@QAEEPAVARRAY@@@Z
?Initialize@ARRAY@@QAEEKK@Z
?Initialize@CLASS_DESCRIPTOR@@QAEEXZ
?Initialize@FLAG_ARGUMENT@@QAEEPAD@Z
?Initialize@STRING_ARGUMENT@@QAEEPAD@Z
?Initialize@WSTRING@@QAEEPBDK@Z
?IsValueSet@ARGUMENT@@QAEEXZ
?PrepareToParse@ARGUMENT_LEXEMIZER@@QAEEPAVWSTRING@@@Z
?Put@ARRAY@@UAEEPAVOBJECT@@@Z
?SetCaseSensitive@ARGUMENT_LEXEMIZER@@QAEXE@Z
?Usage@PROGRAM@@UBEXXZ
?ValidateVersion@PROGRAM@@UBEXKK@Z
?QueryFile@SYSTEM@@SGPAVFSN_FILE@@PBVPATH@@EPAE@Z

ntdll

RtlFreeHeap
RtlAllocateHeap

Sections

AUTO
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DGROUP
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 154B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c64b0a6ef815f9589116b546cd49970c

Headers

File Characteristics

Imports

crypt32

user32

kernel32

advapi32

ulib

ntdll

Sections

AUTO Size: 3KB - Virtual size: 3KB

DGROUP Size: 113KB - Virtual size: 112KB

.idata Size: 3KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 154B

AUTO
Size: 3KB - Virtual size: 3KB

DGROUP
Size: 113KB - Virtual size: 112KB

.idata
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 154B