4a0807bf00f5e2fc4f3b58691da4f8702e3e9b9466d616293534c50d384ae53e

Sharing

Copy URL

Twitter E-mail

General

Target

4a0807bf00f5e2fc4f3b58691da4f8702e3e9b9466d616293534c50d384ae53e
Size

404KB
MD5

1ae4bb9c0b79322a8b0196ea62e574aa
SHA1

0baa194d60d32b6c043889f5768bc090dde6fee8
SHA256

4a0807bf00f5e2fc4f3b58691da4f8702e3e9b9466d616293534c50d384ae53e
SHA512

b0a39fb54430ff65bac5c7420ac478f3019056df047f53741c3c034bbd37c7fc2c3a65b296cc6986c381ad815e79c8370439a4b33ab636d04efd56c93903dcd0
SSDEEP

12288:shyBZkje0QyRzz1Mfd4nDz+DyhbLPgf8m1BM7S:nZXmzzPnDKDhfnBMW

Score

N/A

Malware Config

Signatures

Files

4a0807bf00f5e2fc4f3b58691da4f8702e3e9b9466d616293534c50d384ae53e
.exe windows x86

290320010cc79fc6689b8196f5298c3d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
SetConsoleCtrlHandler
VirtualAlloc
VirtualQuery
GetVersion
CreateFileA
TlsSetValue
InterlockedDecrement
GlobalAlloc
FindResourceW
InitializeCriticalSection
WriteConsoleA
TerminateProcess
FindResourceA
LocalFree
FreeLibrary
SetEnvironmentVariableA
GetCurrentThreadId
CreateThread
GetACP
Sleep
DeleteFileW
CloseHandle
InterlockedExchange
ReadFile
FlushFileBuffers
GetModuleHandleA
GetStringTypeA
GetModuleFileNameW
WideCharToMultiByte
RaiseException
SetFilePointer
MapViewOfFile
GetProcessHeap
TlsFree
GetProcAddress
GetCommandLineA
FreeEnvironmentStringsW
MultiByteToWideChar
GetCPInfo
DeleteFileA
LockResource
GetCurrentProcessId
GetLocaleInfoA
GetEnvironmentStrings
GetCurrentProcess
DeleteCriticalSection
GetFileSize
LoadLibraryA
GetCommandLineW
GetModuleFileNameA
GetEnvironmentStringsW
GetVersionExA
TlsAlloc
GetTickCount
HeapDestroy
QueryPerformanceCounter
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
GetConsoleOutputCP
HeapFree
IsValidCodePage
GetLastError
GetCurrentThread
ExitProcess
HeapAlloc
GetStartupInfoA
UnhandledExceptionFilter
FreeEnvironmentStringsA
SetHandleCount
GetStdHandle
GetFileType
TlsGetValue
GetEnvironmentVariableA
HeapCreate
VirtualFree
RtlUnwind
WriteFile
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
GetOEMCP
HeapReAlloc
IsBadWritePtr
GetStringTypeW
LCMapStringA
LCMapStringW
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA
CompareStringW

user32

GetFocus
EnableWindow
TrackPopupMenu
GetDlgItem
GetSystemMetrics
wsprintfA
SetWindowTextA
GetDC
InvalidateRect
MessageBoxA
SetWindowPos
ShowWindow
KillTimer
TranslateMessage
PostQuitMessage
SetFocus

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

iwmcg
Size: 280KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

geiimyu
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cawas
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

290320010cc79fc6689b8196f5298c3d

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 52KB - Virtual size: 49KB

iwmcg Size: 280KB - Virtual size: 277KB

geiimyu Size: 20KB - Virtual size: 18KB

cawas Size: 48KB - Virtual size: 45KB

.text
Size: 52KB - Virtual size: 49KB

iwmcg
Size: 280KB - Virtual size: 277KB

geiimyu
Size: 20KB - Virtual size: 18KB

cawas
Size: 48KB - Virtual size: 45KB