c91d31f2acd2a4749358a9749143f09576c2f3162c62f773dcb4a2cd841bb403_unpacked

Sharing

Copy URL Twitter E-mail

General

Target

c91d31f2acd2a4749358a9749143f09576c2f3162c62f773dcb4a2cd841bb403_unpacked
Size

86KB
MD5

0dbcfb43d656cbf65efc5f097faacc46
SHA1

d8ec27f770641608554157e8d703d089f3ee2005
SHA256

a54e62b425d0578862a088b6038f773ca919493579f029eebbad46df83eca50e
SHA512

09f9de150ced92f5b821e658b01dc8853bb663ea4812c2b20a02145aed3f1d53dd5d0f12f5efaabb101792b24f7e063a1643ca79006a1a720f0f8106179aa69f
SSDEEP

1536:HjSdjdQRzfLG7rltLRAmHGmJTNNxNcmxamFGsWjcdBK:DSrcyNtlAi1xtpBK

Score

N/A

Malware Config

Signatures

Files

c91d31f2acd2a4749358a9749143f09576c2f3162c62f773dcb4a2cd841bb403_unpacked
.exe windows x86

d2d9b99e638890ee1c08ed61fc2aa5b3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
GetModuleFileNameW
CreateFileW
GetLastError
SetLastError
GetCurrentThreadId
CloseHandle
GetCurrentProcessId
GetTempFileNameW
CreateDirectoryW
GetTickCount
GetFileAttributesW
GetTempPathW
lstrcpyW
LoadLibraryW
GetFileSize
MapViewOfFile
UnmapViewOfFile
VirtualFree
GetProcAddress
VirtualAlloc
LoadLibraryA
CreateFileMappingW
LocalFree
WideCharToMultiByte
GetProcessHeap
lstrlenA
lstrcmpiW
Sleep
GetNativeSystemInfo
WaitForSingleObject
GetComputerNameW
GetModuleHandleW
GetLocaleInfoW
lstrcatW
SetEvent
CreateThread
CreateMutexW
GetCurrentProcess
SignalObjectAndWait
ResetEvent
CreateEventW
ReleaseMutex
GetWindowsDirectoryW
GetVolumeInformationW
LCMapStringW
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
MultiByteToWideChar
GetStringTypeW
WriteConsoleW
SetStdHandle
OutputDebugStringW
RtlUnwind
LoadLibraryExW
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetStdHandle
GetFileType
DeleteCriticalSection
GetModuleFileNameA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
EnterCriticalSection
LeaveCriticalSection
GetConsoleCP
GetConsoleMode
SetFilePointerEx
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
FlushFileBuffers

user32

RegisterClassW
DefWindowProcW
DispatchMessageW
SetTimer
GetMessageW
TranslateMessage
ShowWindow
CreateWindowExW

advapi32

OpenProcessToken
GetLengthSid
GetTokenInformation

shell32

SHGetFolderPathW
ShellExecuteW
SHFileOperationW

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d2d9b99e638890ee1c08ed61fc2aa5b3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

Sections

.text Size: 61KB - Virtual size: 60KB

.rdata Size: 19KB - Virtual size: 18KB

.data Size: 5KB - Virtual size: 14KB

.text
Size: 61KB - Virtual size: 60KB

.rdata
Size: 19KB - Virtual size: 18KB

.data
Size: 5KB - Virtual size: 14KB