145dc1474cba24a245450b445ff328bcb83bf9f4c1c36fb900ee3796a5375572

Sharing

Copy URL Twitter E-mail

General

Target

145dc1474cba24a245450b445ff328bcb83bf9f4c1c36fb900ee3796a5375572
Size

480KB
MD5

92792344d9cbe00b01a0a1176aa1e2c0
SHA1

aed3f21e8b29d40685e48347323a7fe53a278bc5
SHA256

145dc1474cba24a245450b445ff328bcb83bf9f4c1c36fb900ee3796a5375572
SHA512

8d7d714229c7d23f69c0fff8173fb952465e272160cd875650916627c848632b2b78186ca72447eaf8de2efc04176b5eccd730e60c1f695bc66c729ad4d86a0d
SSDEEP

6144:J4ethi7nVIRGgpjgqTjvo03C2WhEa+71ibcz4ZBnE7O57coMeNTU18ypRqFZ6gb1:JYV+CgJS2WKOcz4T35LMeRk8ERqFsI1

Score

N/A

Malware Config

Signatures

Files

145dc1474cba24a245450b445ff328bcb83bf9f4c1c36fb900ee3796a5375572
.exe windows x86

aa73754202b014f2df840862a4f4c5df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
Sleep
GetProcAddress
InterlockedExchange
VirtualFree
ResumeThread
GetTickCount
CloseHandle
SetEvent
SystemTimeToFileTime
SetFirmwareEnvironmentVariableA
CreateMutexA
GetModuleHandleA
GetSystemTime
GetSystemDirectoryA
GetTempPathA
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
WriteConsoleA
HeapSize
RaiseException
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
LocalFree
HeapAlloc
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapFree
GetLastError
WriteFile
HeapDestroy
HeapCreate
HeapReAlloc
IsBadWritePtr
ReadFile
TlsFree
SetLastError
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
InitializeCriticalSection
SetFilePointer
SetStdHandle
FlushFileBuffers
MultiByteToWideChar
VirtualProtect
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoA
CreateFileA

user32

DestroyWindow
EnableWindow
LoadImageA
PostMessageA
GetSystemMetrics
FindWindowA
GetFocus
EnumWindows
LoadBitmapA
LoadIconA
GetActiveWindow
MessageBoxA

winmm

midiStreamOut
midiOutReset
midiStreamRestart
joySetCapture

dnsapi

DnsAcquireContextHandle_A

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 388KB - Virtual size: 386KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vdata
Size: 4KB - Virtual size: 27B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa73754202b014f2df840862a4f4c5df

Headers

File Characteristics

Imports

kernel32

user32

winmm

dnsapi

Sections

.text Size: 52KB - Virtual size: 48KB

.rdata Size: 388KB - Virtual size: 386KB

.data Size: 8KB - Virtual size: 10KB

.vdata Size: 4KB - Virtual size: 27B

.tls Size: 12KB - Virtual size: 9KB

.rsrc Size: 12KB - Virtual size: 401KB

.text
Size: 52KB - Virtual size: 48KB

.rdata
Size: 388KB - Virtual size: 386KB

.data
Size: 8KB - Virtual size: 10KB

.vdata
Size: 4KB - Virtual size: 27B

.tls
Size: 12KB - Virtual size: 9KB

.rsrc
Size: 12KB - Virtual size: 401KB