3919d088fcc782a2f3ae0d42f8642d82061fdf47957a3904221a42d7222150f7

Sharing

Copy URL Twitter E-mail

General

Target

3919d088fcc782a2f3ae0d42f8642d82061fdf47957a3904221a42d7222150f7
Size

620KB
MD5

0c1ca6dad887ad9c33030f2d83337290
SHA1

4b1f948134f44f49a74bec1748dd6eacda12e728
SHA256

3919d088fcc782a2f3ae0d42f8642d82061fdf47957a3904221a42d7222150f7
SHA512

7f832e76e02f244998c129e942c73da129d46246d9b722e2dde9261a2b15ffecbc5843cc9206e22af952a739ac7569c69f91997a097b3e42641b817a3f6d7890
SSDEEP

12288:XgvNkeQEINKKcO479Zud/Gfad5sJwUHmmfn99tbRvAx2oNZ/v:eKcFxcd/GoyaKH9Pb2x26

Score

N/A

Malware Config

Signatures

Files

3919d088fcc782a2f3ae0d42f8642d82061fdf47957a3904221a42d7222150f7
.exe windows x86

9e6e6453f51ebf46964c04706a5b502b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlUnwind
memcpy
sin

kernel32

InterlockedCompareExchange
AddVectoredExceptionHandler
GetLastError
GetExitCodeProcess
CreateWaitableTimerW
GetCurrentThread
RemoveVectoredExceptionHandler
lstrcmpiA
GetStdHandle
GlobalFree
FindResourceA
MultiByteToWideChar
GetDiskFreeSpaceA
GetFileSize
SetStdHandle
GetWindowsDirectoryA
GetEnvironmentStrings
CreateFileMappingA
GetStringTypeW
HeapAlloc
MapViewOfFile
MoveFileExA
IsBadCodePtr
SizeofResource
UnhandledExceptionFilter
GlobalLock
WritePrivateProfileStringA
FindFirstFileA
SetFilePointer
TerminateProcess
IsBadReadPtr
GlobalAlloc
lstrlenA
GetModuleFileNameA
GetPrivateProfileSectionA
CompareStringA
CreateFileA
LocalAlloc
UnmapViewOfFile
GetOEMCP
GetEnvironmentStringsW
LockResource
LoadLibraryA
SetUnhandledExceptionFilter
LCMapStringW
GetModuleHandleA
GetPrivateProfileStringA
WideCharToMultiByte
ExitProcess
LCMapStringA
GetProcessHeap
GetShortPathNameA
GetFileType
lstrcatA
GetStringTypeA
FindClose
CloseHandle
GetProcAddress
SetHandleCount
HeapFree
lstrcpyA
GlobalUnlock
LocalFree
FreeEnvironmentStringsW
LoadResource
CreateDirectoryA
SetEnvironmentVariableA
GetTimeZoneInformation
GetLocaleInfoW
VirtualQuery
GetSystemInfo
VirtualProtect
CompareStringW
GetTempPathA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetCommandLineA
GetVersionExA
GetStartupInfoA
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
WriteFile
FreeEnvironmentStringsA
DeleteCriticalSection
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThreadId
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FatalAppExitA
GetCPInfo
GetACP
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryExA
InitializeCriticalSection
Sleep
VirtualAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetCurrentProcess

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA
SHGetMalloc

advapi32

RegQueryValueExA
RegOpenKeyExA

user32

InsertMenuW

Exports

Exports

er6xgh5edrujy
klui90h
vbnvcbcvbdf

Sections

.text
Size: 236KB - Virtual size: 450KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eh_fra0
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

~%r4D?&(
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SN#-
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e6e6453f51ebf46964c04706a5b502b

Headers

File Characteristics

Imports

ntdll

kernel32

shell32

advapi32

user32

Exports

Exports

Sections

.text Size: 236KB - Virtual size: 450KB

.rdata Size: 176KB - Virtual size: 174KB

.eh_fram Size: 44KB - Virtual size: 42KB

.edata Size: 12KB - Virtual size: 9KB

.eh_fra0 Size: 4KB - Virtual size: 1KB

~%r4D?&( Size: 84KB - Virtual size: 83KB

SN#- Size: 4KB - Virtual size: 2KB

.rsrc Size: 56KB - Virtual size: 52KB

.text
Size: 236KB - Virtual size: 450KB

.rdata
Size: 176KB - Virtual size: 174KB

.eh_fram
Size: 44KB - Virtual size: 42KB

.edata
Size: 12KB - Virtual size: 9KB

.eh_fra0
Size: 4KB - Virtual size: 1KB

~%r4D?&(
Size: 84KB - Virtual size: 83KB

SN#-
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 56KB - Virtual size: 52KB