1360c484bf711df518004b95a34ead21a523b6b3bc9a23761764d592b95f633e

Sharing

Copy URL Twitter E-mail

General

Target

1360c484bf711df518004b95a34ead21a523b6b3bc9a23761764d592b95f633e
Size

393KB
MD5

e4e233852f3a1bba3eceade9b55dc5cb
SHA1

79e81961f3864f75bb8eebcddf815a9aeea30978
SHA256

1360c484bf711df518004b95a34ead21a523b6b3bc9a23761764d592b95f633e
SHA512

1a15a3377e4c1eafd0438d1154878e9e516ab9a9d1dcb4da63638adc73d47e744a488f686fa350c433cdf171d6960cd791a1244c595085129e43a4920f2efd73
SSDEEP

6144:y4sueANTc8Y8PuZC22zpNxEs1zIUL/dguH/Gaxf0XUcTRwr1+P:3e8Y8mZClzpbEsKUL/dNOlX1wr1K

Score

N/A

Malware Config

Signatures

Files

1360c484bf711df518004b95a34ead21a523b6b3bc9a23761764d592b95f633e
.exe windows x86

bf765412865f4e0f5346b2263e8f8f85

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsWow64Process
GetPriorityClass
Process32NextW
GetCurrentProcess
CreateDirectoryW
SetFileAttributesW
GetTempPathW
GetModuleHandleW
GetModuleFileNameW
FindResourceW
SizeofResource
LoadResource
LockResource
FindFirstFileW
FindNextFileW
FindClose
GetModuleFileNameA
CloseHandle
WaitForSingleObject
GetCurrentProcessId
CreateThread
TerminateProcess
Process32FirstW
CreateToolhelp32Snapshot
DeleteFileW
CopyFileW
Sleep
ReadProcessMemory
VirtualQueryEx
SetEndOfFile
CreateFileW
OutputDebugStringW
ReadConsoleW
WriteConsoleW
SetStdHandle
LoadLibraryExW
HeapReAlloc
FreeEnvironmentStringsW
OpenProcess
MultiByteToWideChar
WideCharToMultiByte
GetStringTypeW
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
IsDebuggerPresent
IsProcessorFeaturePresent
GetLastError
HeapFree
GetCommandLineW
RaiseException
RtlUnwind
HeapAlloc
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetProcAddress
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleExW
HeapSize
IsValidCodePage
GetACP
GetOEMCP
GetCurrentThreadId
GetProcessHeap
GetStdHandle
GetFileType
WriteFile
GetConsoleCP
GetConsoleMode
ReadFile
SetFilePointerEx
FlushFileBuffers
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW

advapi32

RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW

shell32

ShellExecuteW
SHGetSpecialFolderPathW

wininet

InternetReadFile
InternetConnectW
InternetCloseHandle
InternetOpenW
HttpOpenRequestW
HttpSendRequestW
InternetOpenUrlW
InternetSetOptionW

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf765412865f4e0f5346b2263e8f8f85

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

wininet

iphlpapi

Sections

.text Size: 173KB - Virtual size: 172KB

.rdata Size: 43KB - Virtual size: 42KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 157KB - Virtual size: 157KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 173KB - Virtual size: 172KB

.rdata
Size: 43KB - Virtual size: 42KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 157KB - Virtual size: 157KB

.reloc
Size: 10KB - Virtual size: 9KB