afdb13e1f7054e6293489a2e12ea655c4cb656ba3fd6f1c97f0dce25f4628bf7

General

Target

afdb13e1f7054e6293489a2e12ea655c4cb656ba3fd6f1c97f0dce25f4628bf7
Size

101KB
MD5

92df1d5a3835e54db16b1c4745d10af0
SHA1

cdd0bcfb9120804f7d84ecbdde2695abe1d8b037
SHA256

afdb13e1f7054e6293489a2e12ea655c4cb656ba3fd6f1c97f0dce25f4628bf7
SHA512

98f39a0ce352ea998495567261cdf5065fb5cd6dd793003cae342ae5668c685ad35342d7f83b00469367d2f181875e67fda913fa73080ac14b5de829565aa6cc
SSDEEP

1536:BUKY/FF08H52t7ZgnmYVPS7aDzVaRUPtNwSxe+M9PuDIvpr/L6:BrSx52t7ZS4uDzYuxOuDIvprD6

Score

N/A

Malware Config

Signatures

Files

afdb13e1f7054e6293489a2e12ea655c4cb656ba3fd6f1c97f0dce25f4628bf7
.exe windows x86

54bd610b918faa39854afe760b7a697d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
LCMapStringW
MultiByteToWideChar
GetStringTypeW
CloseHandle
DeviceIoControl
GetLastError
HeapCreate
GetTickCount
GetCurrentProcess
HeapAlloc
GetFileType
CreateFileA
TlsSetValue
TlsGetValue
TlsAlloc
LoadLibraryW
HeapFree
HeapReAlloc
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
WriteFile
GetStdHandle
GetModuleFileNameW
EncodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection

user32

ClientToScreen
GetParent
LoadMenuA
WindowFromPoint
GetAncestor
GetDlgItem
SetDlgItemTextW
UpdateWindow
EnableWindow

advapi32

RegCloseKey

shell32

DragQueryFileW
DragFinish
DragQueryPoint

gdiplus

GdiplusStartup

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

54bd610b918faa39854afe760b7a697d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

gdiplus

Sections

.text Size: 42KB - Virtual size: 41KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 28KB - Virtual size: 39KB

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 42KB - Virtual size: 41KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 28KB - Virtual size: 39KB

.rsrc
Size: 18KB - Virtual size: 17KB