ad8e521af2c452f7ff5c2a4dd55958fa2a32e5b4a36c08eacc5554bfd33617ea

Sharing

Copy URL Twitter E-mail

General

Target

ad8e521af2c452f7ff5c2a4dd55958fa2a32e5b4a36c08eacc5554bfd33617ea
Size

173KB
MD5

8436deb2f20423c8f5d8b6b7df54186c
SHA1

9e8037ef2d49049c33e0cee8cb7ffd6aa3ae2601
SHA256

ad8e521af2c452f7ff5c2a4dd55958fa2a32e5b4a36c08eacc5554bfd33617ea
SHA512

301c3f1bf75000a0afabdc7ef80fbeabeaf09e4f0fdf5b8d1a1053132f1acd0c44530143d650d2ad0c2adbf9cf95f1c2f62acb4e67788b1f7eda5bcd5a5eb3f6
SSDEEP

3072:jhkIVYmbh2Lz/tExvclTyB5xHPw1zn2b3CY6:jhkrmb8W1mgI1zkCY6

Score

N/A

Malware Config

Signatures

Files

ad8e521af2c452f7ff5c2a4dd55958fa2a32e5b4a36c08eacc5554bfd33617ea
.exe windows x86

97712f09c7f8936fab5f461b41a764bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
CloseHandle
WaitForSingleObject
Sleep
CreateThread
GlobalAlloc
GetCurrentThreadId
SetEvent
GetCommandLineW
GetThreadLocale
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GlobalLock
GlobalUnlock
lstrcmpiW
GetLastError
DeleteCriticalSection
InitializeCriticalSection
RaiseException
CreateEventW
lstrlenW
WideCharToMultiByte
GetLocaleInfoA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
HeapAlloc
HeapFree
RtlUnwind
HeapReAlloc
GetVersionExA
GetProcessHeap
GetStartupInfoW
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
InterlockedExchange

user32

CharUpperW
SendMessageW
CharNextW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TranslateMessage
DispatchMessageW
GetMessageW
UnregisterClassA
PostThreadMessageW

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoInitialize
CoUninitialize
CoRevokeClassObject
CoRegisterClassObject
StringFromGUID2
CoCreateInstance

oleaut32

RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
LoadRegTypeLi
VarUI4FromStr
SysAllocString
SysFreeString
SysStringLen

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

97712f09c7f8936fab5f461b41a764bf

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 56KB - Virtual size: 54KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 80KB - Virtual size: 80KB

.text
Size: 56KB - Virtual size: 54KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 80KB - Virtual size: 80KB