249e81ac487e087b7567fda03f4d70f29406e1f883a60b759a9dea0eb4fb6073

General

Target

249e81ac487e087b7567fda03f4d70f29406e1f883a60b759a9dea0eb4fb6073
Size

163KB
MD5

518886acf9505f98324687b5b1249d80
SHA1

ab2fce849eda593390777435c36bc01ef54443eb
SHA256

249e81ac487e087b7567fda03f4d70f29406e1f883a60b759a9dea0eb4fb6073
SHA512

2fc27a541b67b1abb895177aac8aa0b72e5061aacc23e88ee8c7305e1d02a56dc32afac67c9766a0cdb68f71774d4e78597b85dee6b254f0e8c422688c54e652
SSDEEP

3072:TMNoPSL3ezsUStf32L8zSRrLPInTrMG3hAzYForcobLBiLsL5Q1Da:K+43ezOf32L8mGTYGRIY+LMLsNQZ

Score

N/A

Malware Config

Signatures

Files

249e81ac487e087b7567fda03f4d70f29406e1f883a60b759a9dea0eb4fb6073
.exe windows x86

18d86829497c04d28ffc360fcf66445e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathGetDriveNumberW
PathRemoveBlanksA
StrTrimA

kernel32

GetWindowsDirectoryA
GlobalLock
GlobalFree
lstrcatA
FindFirstFileA
DeviceIoControl
SetFileTime
GetModuleFileNameA
OpenFileMappingW
ExitProcess
GetModuleHandleA
SetErrorMode
lstrcpyA
lstrcmpiA
LocalFileTimeToFileTime
SetLastConsoleEventActive
GetEnvironmentVariableA
GetCurrentDirectoryA
GlobalUnlock
GetProcAddress
GlobalAlloc
GetVolumeInformationA
_lwrite
FreeLibrary
_lopen
_llseek
GetCommandLineA
FindClose
WinExec
GetVersion
CreateDirectoryA
GetDriveTypeA
GetTimeZoneInformation
lstrlenA
GlobalHandle
_lread
DosDateTimeToFileTime
_lcreat
SetCurrentDirectoryA
_lclose

gdi32

SelectObject
GetObjectA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 145KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18d86829497c04d28ffc360fcf66445e

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

gdi32

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 5KB - Virtual size: 51KB

.rsrc Size: 2KB - Virtual size: 2KB

.edata Size: 145KB - Virtual size: 203KB

.data Size: 1024B - Virtual size: 4KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 5KB - Virtual size: 51KB

.rsrc
Size: 2KB - Virtual size: 2KB

.edata
Size: 145KB - Virtual size: 203KB

.data
Size: 1024B - Virtual size: 4KB