531a13d2d49053dccc25edb6769d1d784f92bfdf87b08e9c272410f76d6d898c

Sharing

Copy URL Twitter E-mail

General

Target

531a13d2d49053dccc25edb6769d1d784f92bfdf87b08e9c272410f76d6d898c
Size

363KB
MD5

0b856a81ef06d6acde81c453b7660860
SHA1

baf11543541baa85b14a95ef50f076c8ccca143a
SHA256

531a13d2d49053dccc25edb6769d1d784f92bfdf87b08e9c272410f76d6d898c
SHA512

1b481d8c4371be75b354063f968daa16ca63d252467448e0929a49689179f227cf10c6df70128e52df1ccdf38736efe40f332867c1217c213a85e2fc6cb34f28
SSDEEP

6144:DU2yTqF84LY4SLUn+uxRz1XeEfSS6PzkGFD2xMrBY8ZykuwEn10DIs3kZWL:DUrsYW+u4dkGFCxMrzykuwHIgL

Score

N/A

Malware Config

Signatures

Files

531a13d2d49053dccc25edb6769d1d784f92bfdf87b08e9c272410f76d6d898c
.exe windows x86

bdf1f3dfc27581c15ef4d94578c6275c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc

kernel32

HeapDestroy
FreeLibrary
LocalFree
LocalAlloc
GetOEMCP
GetWindowsDirectoryW
IsProcessorFeaturePresent
VirtualProtect
GetModuleHandleA
GetStartupInfoW
GetVersionExA
GetProcAddress
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
RaiseException
HeapCreate
VirtualFree
HeapFree
LoadLibraryA
HeapAlloc
VirtualAlloc
HeapReAlloc
IsBadWritePtr
RtlUnwind
InterlockedExchange
VirtualQuery
GetStringTypeA
GetStringTypeW
LCMapStringA
WideCharToMultiByte
LCMapStringW
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoA
GetCPInfo
GetSystemInfo
GetACP

Exports

Exports

ButWater
Realfor

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 598KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 1024B - Virtual size: 922B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bdf1f3dfc27581c15ef4d94578c6275c

Headers

File Characteristics

Imports

ole32

kernel32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 191KB

.rdata Size: 66KB - Virtual size: 65KB

.data Size: 78KB - Virtual size: 598KB

.idata Size: 2KB - Virtual size: 2KB

.didat Size: 1024B - Virtual size: 922B

.rsrc Size: 22KB - Virtual size: 22KB

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 66KB - Virtual size: 65KB

.data
Size: 78KB - Virtual size: 598KB

.idata
Size: 2KB - Virtual size: 2KB

.didat
Size: 1024B - Virtual size: 922B

.rsrc
Size: 22KB - Virtual size: 22KB