b5af4d29ab07d3a96f1683bc4568996a3ccd5e53a5f5dbf0dd61bdeb6a82d1e6

Sharing

Copy URL Twitter E-mail

General

Target

b5af4d29ab07d3a96f1683bc4568996a3ccd5e53a5f5dbf0dd61bdeb6a82d1e6
Size

423KB
MD5

93b6c92aa19e7fe8ab7ae58266442a79
SHA1

83a35391419d8ffbdc7a75b0a12124c5674b9596
SHA256

b5af4d29ab07d3a96f1683bc4568996a3ccd5e53a5f5dbf0dd61bdeb6a82d1e6
SHA512

f51f3b1e843b108b31c2981ca423390f78d182ca09a24bb8662370e2be197e30c54a422350d6529d5eaf1c31d197234fd0ae9d2981b0197e56ba1353242f2eae
SSDEEP

12288:A/MMnMMMMMF42e3D+7ug0lFBnop+kF2srXEwzhvP258F7C:QMMnMMMMMG7TdgUFBZkgQXzvu58w

Score

N/A

Malware Config

Signatures

Files

b5af4d29ab07d3a96f1683bc4568996a3ccd5e53a5f5dbf0dd61bdeb6a82d1e6
.exe windows x86

0490e5ecc150fe20fbe608b373dbcb04

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
GetExitCodeProcess
GetTimeZoneInformation
GlobalHandle
TerminateProcess
SizeofResource
TlsFree
MultiByteToWideChar
_lclose
GetSystemTime
FreeLibrary
WriteFile
LoadLibraryA
GlobalDeleteAtom
HeapFree
CreateProcessA
SetFilePointer
InitializeCriticalSection
RaiseException
WinExec
GetTempFileNameA
InterlockedDecrement
GetLastError
LockResource
GetVersionExA
IsBadCodePtr
SetEvent
GetCurrentDirectoryA
GetOEMCP
LCMapStringW
GetProcAddress
GlobalFree
GlobalAlloc
GetTempPathA
GetCurrentThreadId
GetLocaleInfoA
LoadResource
DeleteCriticalSection
GetSystemDirectoryA
HeapSize
InterlockedIncrement
GlobalSize
ExitThread
SetErrorMode
SetHandleCount
FlushFileBuffers
SetStdHandle
FreeEnvironmentStringsA
GetStartupInfoA
GetProfileStringA
_llseek
lstrcmpiA
CloseHandle
TlsSetValue
GetUserDefaultLCID
GetStringTypeA
lstrcmpiW
GetCurrentProcessId
GetSystemDefaultLangID
CreateSemaphoreA
CompareStringW
GetTickCount
GetEnvironmentStringsW
SetLocalTime
GetStdHandle
lstrcpynA
EnterCriticalSection
GlobalUnlock
WideCharToMultiByte
GetStringTypeExA
DuplicateHandle
LoadLibraryExA
ResumeThread
MoveFileA
VirtualAlloc
_lwrite
GetShortPathNameA
VirtualQuery
GetFullPathNameA
GetCommandLineA
TlsGetValue
GetModuleHandleA
GetDriveTypeA
CreateEventA
GlobalLock
FormatMessageW
VirtualProtect
CompareStringA
GetStringTypeW
SearchPathA
GetVersion
CreateThread
GetModuleFileNameA
SetEndOfFile
ResetEvent
FindNextFileA
FindClose
SystemTimeToFileTime
lstrlenA
VirtualFree
HeapReAlloc
SetLastError
FreeEnvironmentStringsW
DeleteFileA
CreateFileA
FileTimeToSystemTime
IsBadReadPtr

ddraw

DirectDrawEnumerateA

user32

CallMsgFilterW

msi

MsiAdvertiseProductW
MsiDatabaseCommit
MsiConfigureFeatureW

samlib

SamTestPrivateFunctionsUser
SamRemoveMultipleMembersFromAlias
SamConnectWithCreds
SamiEncryptPasswords

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 393KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 872KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0490e5ecc150fe20fbe608b373dbcb04

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ddraw

user32

msi

samlib

Sections

.text Size: 1KB - Virtual size: 1KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 393KB - Virtual size: 392KB

.data Size: 20KB - Virtual size: 872KB

.rdata Size: 4KB - Virtual size: 3KB

.reloc Size: 512B - Virtual size: 64B

.text
Size: 1KB - Virtual size: 1KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 393KB - Virtual size: 392KB

.data
Size: 20KB - Virtual size: 872KB

.rdata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 64B