1b012d99ec58ea9d6d9b59b12fd6d0b25025db5ab6cf602b8c4a7a7e88bfa7fe

General

Target

1b012d99ec58ea9d6d9b59b12fd6d0b25025db5ab6cf602b8c4a7a7e88bfa7fe
Size

245KB
MD5

a3a3f76fe1350a508872b7b756b31770
SHA1

c9ed52de307ebeef7f5d5d00eac618f26b97a836
SHA256

1b012d99ec58ea9d6d9b59b12fd6d0b25025db5ab6cf602b8c4a7a7e88bfa7fe
SHA512

c9ce1856b2d00a6b394904adba509b018d77407abbb53efee1e7bd307665566c3011d17b60e1396d2530fdb5f6291148c3a940a22516c31a839c6bcbba27d982
SSDEEP

6144:35eLmEml6KSEr83oxbmamW12A/vmJc7jKQJ5:3si6rITmW12avwY

Score

N/A

Malware Config

Signatures

Files

1b012d99ec58ea9d6d9b59b12fd6d0b25025db5ab6cf602b8c4a7a7e88bfa7fe
.exe windows x86

d002f0ff0e98fd9682a79ac1b8aca29d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
SetFilePointer
VirtualAlloc
GetCurrentProcessId
LocalFree
VirtualFree
GetWindowsDirectoryA
GetVersionExA
SetEvent
CreateSemaphoreA
GetCurrentDirectoryA
SuspendThread
ReadFile
GetStdHandle
CreateFileA
CreateEventA
CloseHandle
DeleteFileA
OutputDebugStringA
WaitForSingleObject
Sleep
ResetEvent
FatalExit
GetCurrentThread
GetModuleHandleA
GetCurrentProcess
LocalAlloc
ExitProcess
GetTickCount
GetCurrentThreadId
GetFileSize
lstrlenA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
IsDebuggerPresent

advapi32

GetUserNameA

user32

RegisterClassA
FindWindowA
CreateDialogParamA
GetForegroundWindow
GetClassInfoExA
wsprintfA
PostMessageA
GetSystemMetrics
MessageBoxA
SendMessageA
GetWindow
ShowWindow

ole32

CoUninitialize

shlwapi

SHGetValueA

Sections

.text
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d002f0ff0e98fd9682a79ac1b8aca29d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

ole32

shlwapi

Sections

.text Size: 148KB - Virtual size: 148KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 92KB - Virtual size: 93KB

.rsrc Size: 512B - Virtual size: 436B

.text
Size: 148KB - Virtual size: 148KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 92KB - Virtual size: 93KB

.rsrc
Size: 512B - Virtual size: 436B