c5b489cf59cfbcf251c2a5627e21b27c99dd4e8af1d2263724d9c26f346628a6

Sharing

Copy URL Twitter E-mail

General

Target

c5b489cf59cfbcf251c2a5627e21b27c99dd4e8af1d2263724d9c26f346628a6
Size

236KB
MD5

5c62e0f941c7ed9c39bdeb497c5f7920
SHA1

5137ee65fa9e74d6785836c547f596e2d47cdc57
SHA256

c5b489cf59cfbcf251c2a5627e21b27c99dd4e8af1d2263724d9c26f346628a6
SHA512

f7db71290184ea4e0b2c347802aca43eed544d347d510c95b3debaca47e54c3694b3b18f94ed92bc3e72579cecdff9502d030c0d1ee58362591d9049d5cfb521
SSDEEP

6144:mnYufqFMMFIxHRok0ADrxWPugtTLtlMvY90JimdBWd:mnYcQMM6FRHXr+ugRMvfWd

Score

N/A

Malware Config

Signatures

Files

c5b489cf59cfbcf251c2a5627e21b27c99dd4e8af1d2263724d9c26f346628a6
.exe windows x86

d084f213a6da2f4a256bd019ecdd9940

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

IsIconic
PostMessageA
UnhookWindowsHookEx
ShowWindow
SetDlgItemTextA
LoadImageA
UnregisterClassA
SendMessageA
MessageBoxA
FindWindowA
GetSystemMetrics
PostQuitMessage
GetWindowRect
SetClassLongA
GetDlgItemTextA
RegisterClassExA
LoadIconA
EndDialog
SetForegroundWindow
DialogBoxParamA
SetWindowsHookExA
SetWindowPos
SetWindowTextA
EnableWindow
EnumWindowStationsA
GetClientRect
DefWindowProcA
GetDlgItem

kernel32

GetVersion
FileTimeToLocalFileTime
SetStdHandle
FreeLibrary
GetTempPathA
HeapDestroy
GetLastError
SetCurrentDirectoryA
GlobalHandle
GetEnvironmentStringsW
HeapReAlloc
SetConsoleCtrlHandler
TerminateThread
CloseHandle
GetCurrentDirectoryA
LCMapStringW
GetFileType
GetConsoleOutputCP
TlsFree
GetFullPathNameA
FindFirstFileA
VirtualFree
GetDriveTypeA
GetEnvironmentVariableA
GetFileSize
ReadFile
DeleteFileA
lstrlenA
LoadLibraryA
GetOEMCP
GetCurrentProcess
IsValidLocale
FindClose
GlobalLock
GetUserDefaultLCID
VirtualAlloc
GetProcAddress
GlobalAlloc
CreateProcessA
RtlUnwind
UnhandledExceptionFilter
TlsSetValue
WriteFile
FreeEnvironmentStringsA
GetCurrentThreadId
IsValidCodePage
SetLastError
HeapFree
IsBadWritePtr
ExitProcess
CreateThread
FatalAppExitA
GlobalUnlock
Sleep
SetEndOfFile
GetCurrentThread
TlsGetValue
GetStartupInfoA
GetModuleFileNameA
GetStringTypeA
EnterCriticalSection
DeleteCriticalSection
TlsAlloc
SizeofResource
GetTempFileNameA
GetSystemDefaultLangID
GlobalFree
GetEnvironmentStrings
lstrcpyA
SetHandleCount
CompareStringA
TerminateProcess
LoadResource
EnumSystemLocalesA
SetFilePointer
GetFileAttributesA
GetComputerNameA
GetTimeZoneInformation
GetStdHandle
LCMapStringA
GetLocaleInfoA
LockResource
WideCharToMultiByte
InterlockedDecrement
HeapCreate
GetLocaleInfoW
SetEnvironmentVariableA
GetACP
GetStringTypeW
WinExec
GetCPInfo
InterlockedIncrement
FreeEnvironmentStringsW
HeapAlloc
LeaveCriticalSection
CreateFileA
FileTimeToSystemTime
GetVersionExA
FlushFileBuffers
CompareStringW
lstrcatA
MultiByteToWideChar
FindResourceA
InitializeCriticalSection
ResumeThread

Sections

.text
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d084f213a6da2f4a256bd019ecdd9940

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 123KB - Virtual size: 123KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 95KB - Virtual size: 95KB

.rsrc Size: 13KB - Virtual size: 150KB

.text
Size: 123KB - Virtual size: 123KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 95KB - Virtual size: 95KB

.rsrc
Size: 13KB - Virtual size: 150KB