fa0ffde88630bf085228632006febf7441a2e4258dce5257ffc7513b1c68c34c

General

Target

fa0ffde88630bf085228632006febf7441a2e4258dce5257ffc7513b1c68c34c
Size

35KB
MD5

0cdacde4452e5455574fbafa8807b850
SHA1

5680f07302440bbab027d8285c7eb3d7c5e53ec3
SHA256

fa0ffde88630bf085228632006febf7441a2e4258dce5257ffc7513b1c68c34c
SHA512

b1c3a9c16b232562517bde5ddce8073037c1d7df82a052468794d9ee66416067100864139fa63e77921831fa19e74613c6e561256f65c1b32eeee96f769cf706
SSDEEP

768:uYT8XO7tC9Ki9eRX6clUAjtNvpFvtmxNr3Wos9VyLnmQqQq7UyS9hZV:uN93UYcNjt9tmx1QnymQqb7U5r

Score

N/A

Malware Config

Signatures

Files

fa0ffde88630bf085228632006febf7441a2e4258dce5257ffc7513b1c68c34c
.exe windows x64

ad1e65c4ede88d5fa59075ae8bda91f8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcmpiW
LoadLibraryW
GetProcAddress
FreeLibrary
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
GetSystemTimeAsFileTime

user32

SendMessageW
MessageBoxW

msvcr80

_initterm_e
_configthreadlocale
__setusermatherr
_commode
_initterm
_encode_pointer
__set_app_type
__crt_debugger_hook
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
__winitenv
exit
_cexit
_exit
_XcptFilter
__C_specific_handler
__wgetmainargs
_amsg_exit
sprintf
_wtoi
_fmode

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bkzfmto
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ad1e65c4ede88d5fa59075ae8bda91f8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcr80

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 512B - Virtual size: 240B

.rsrc Size: 27KB - Virtual size: 28KB

bkzfmto Size: - Virtual size: 4KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 240B

.rsrc
Size: 27KB - Virtual size: 28KB

bkzfmto
Size: - Virtual size: 4KB