df9416251f8a41817f4f0a10d5525d6afd709bab32c1dc4f52c9074b91fef65a

Sharing

Copy URL

Twitter E-mail

General

Target

df9416251f8a41817f4f0a10d5525d6afd709bab32c1dc4f52c9074b91fef65a
Size

144KB
MD5

825fff786e21812df42758c5d7920660
SHA1

7b3870728694d20356639bfd9ebb7c8f27901d6f
SHA256

df9416251f8a41817f4f0a10d5525d6afd709bab32c1dc4f52c9074b91fef65a
SHA512

53868601774acc3f47a7555ed3819e42ab78952d934ff8d0cbad2414d2025f018edf06c0ee21e1dba3694e2258e4d4994bc4d56c680445520e5758a1954f5542
SSDEEP

3072:RDBo3MRFzdEfrZst4lM6laXApCpCDSg9p2BFWHxVl2ue3OAaw:RVLdKrZGYaX9pCDS7kHzmOAR

Score

N/A

Malware Config

Signatures

Files

df9416251f8a41817f4f0a10d5525d6afd709bab32c1dc4f52c9074b91fef65a
.exe windows x86

4ab394402be735556772f14656cec490

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeResource
GetLocaleInfoA
SetMailslotInfo
lstrcmpA
TerminateThread
GetTempPathW
lstrcpyW
SetHandleInformation
GetACP
SetWaitableTimer
GetDateFormatA
HeapLock
GetCommTimeouts
TryEnterCriticalSection
SetThreadContext
TransactNamedPipe
SetCommMask
ResetEvent
WaitForMultipleObjects
FindNextFileW
LoadLibraryExA
GetLongPathNameW
lstrlenW
FindResourceExW
IsBadReadPtr
LocalReAlloc
SetCurrentDirectoryW
GetTimeZoneInformation
EnumResourceTypesA
GetComputerNameA
ResumeThread
CompareStringA
GlobalFindAtomW
SetEndOfFile
GetVersion
EnterCriticalSection
WideCharToMultiByte
GlobalUnlock
HeapUnlock
GetCPInfo
SleepEx
GlobalFree
CreateWaitableTimerA
MoveFileExW
RtlUnwind
GetBinaryTypeA
GetFileAttributesA
GetTempFileNameA
CreateMutexW
CreateThread
WaitCommEvent
GetThreadContext
FindClose
GlobalDeleteAtom
GetUserDefaultLCID
GetProcessHeap

Exports

Exports

?EightDialog@@YGEUtext@@@Z
?FiveDialog@@YGEUtext@@@Z

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.atrap
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.asap1
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.asap2
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.opock
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.word1
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.word2
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.word3
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ab394402be735556772f14656cec490

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 31KB

.data Size: 4KB - Virtual size: 4KB

.atrap Size: 512B - Virtual size: 28B

.asap1 Size: 512B - Virtual size: 124B

.asap2 Size: 512B - Virtual size: 200B

.opock Size: 15KB - Virtual size: 15KB

.word1 Size: - Virtual size: 4KB

.word2 Size: 20KB - Virtual size: 20KB

.word3 Size: 12KB - Virtual size: 12KB

.rsrc Size: 56KB - Virtual size: 56KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 31KB - Virtual size: 31KB

.data
Size: 4KB - Virtual size: 4KB

.atrap
Size: 512B - Virtual size: 28B

.asap1
Size: 512B - Virtual size: 124B

.asap2
Size: 512B - Virtual size: 200B

.opock
Size: 15KB - Virtual size: 15KB

.word1
Size: - Virtual size: 4KB

.word2
Size: 20KB - Virtual size: 20KB

.word3
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 56KB - Virtual size: 56KB

.reloc
Size: 2KB - Virtual size: 1KB