2834979e6ebe650e83d85c78555316c7a107aeb5f7fa17c8e3f155156b23ac98

General

Target

2834979e6ebe650e83d85c78555316c7a107aeb5f7fa17c8e3f155156b23ac98
Size

542KB
MD5

a26d13842c43ed560e71bc2725a90235
SHA1

bae27c3512d6bdc50c9d0eac790978a8082d127e
SHA256

2834979e6ebe650e83d85c78555316c7a107aeb5f7fa17c8e3f155156b23ac98
SHA512

628b4376457c009f30381ace536e5378d2f06e4b757726316e30eb3efe345ef2671eab157ca5e3fb669fdd0e0e9d7afad6c9eb85b7ba564f9f106cbcdbad9bd2
SSDEEP

12288:f4IGEE5gDeqqndpJ1HZluFEgfRPKTWV6BYrTP+3WNz:AuAl2FNxhV6u6c

Score

N/A

Malware Config

Signatures

Files

2834979e6ebe650e83d85c78555316c7a107aeb5f7fa17c8e3f155156b23ac98
.exe windows x86

8c066ce07403200e155626935b4b7ff3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleHandleA
GetProcAddress
GlobalMemoryStatus
LoadLibraryA
MulDiv
VirtualAllocEx
VirtualFree

setupapi

SetupDiGetHwProfileFriendlyNameW
SetupRemoveInstallSectionFromDiskSpaceListW
SetupRemoveSectionFromDiskSpaceListA
SetupRemoveFileLogEntryA

user32

IsClipboardFormatAvailable
NotifyWinEvent
OemKeyScan
RegisterWindowMessageW
ScreenToClient
wsprintfA
ToUnicodeEx
UnregisterClassA
UnregisterDeviceNotification
WINNLSGetEnableStatus
wvsprintfA
GetKeyboardState
EnumPropsExA
EnumDesktopsA
SetMessageQueue
CharToOemA
GetUserObjectSecurity

msvcrt

free
exit
_wcsicmp
__p__commode
__getmainargs

Sections

.text
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rata
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8c066ce07403200e155626935b4b7ff3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

setupapi

user32

msvcrt

Sections

.text Size: 32KB - Virtual size: 36KB

.data Size: 313KB - Virtual size: 316KB

.rata Size: 188KB - Virtual size: 188KB

.bss Size: - Virtual size: 16KB

.idata Size: 1KB - Virtual size: 4KB

.rsrc Size: 5KB - Virtual size: 8KB

.text
Size: 32KB - Virtual size: 36KB

.data
Size: 313KB - Virtual size: 316KB

.rata
Size: 188KB - Virtual size: 188KB

.bss
Size: - Virtual size: 16KB

.idata
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 5KB - Virtual size: 8KB