5d208f20f407ecf4e378ff9c5b04848224fc2fdc791d20e9147ddad97cb7e90d

Sharing

Copy URL

Twitter E-mail

General

Target

5d208f20f407ecf4e378ff9c5b04848224fc2fdc791d20e9147ddad97cb7e90d
Size

186KB
MD5

8c7b86b3985932e0582fb1bc5c187ba8
SHA1

a2f8a139046b97794b4fc3587a134000e8af4e0c
SHA256

5d208f20f407ecf4e378ff9c5b04848224fc2fdc791d20e9147ddad97cb7e90d
SHA512

7c966f252ec700f8712f7b9c12c7dcbc8db9b0999a57b21ec8e0c15ec642b7c81616c1781b4aa86c8d6c5f01e604edd130c9f8e69afce83383235da868339552
SSDEEP

1536:9Sf/UQGzbuOuoCHD0wChlsmIpEKHxkY9wgbFTnc3tZ4qfo9XkTv:9oUQ4bDuoCHQwCscKHeYbFTC+qfoxkTv

Score

N/A

Malware Config

Signatures

Files

5d208f20f407ecf4e378ff9c5b04848224fc2fdc791d20e9147ddad97cb7e90d
.exe windows x86

f209ec6d4fd7d1df92af5c0cf3c0e732

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
LCMapStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
CreateFileA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetConsoleCtrlHandler
RtlUnwind
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetFilePointer
ReadFile
GetFileType
SetHandleCount
CloseHandle
HeapCreate
IsBadWritePtr
IsBadReadPtr
HeapValidate
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapAlloc
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
HeapReAlloc
HeapFree
GetLastError
VirtualFree
VirtualAlloc
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
LCMapStringW

user32

MessageBoxA

lua51

lua_error
lua_tointeger
lua_touserdata
lua_gc
luaL_openlibs
lua_createtable
lua_pushstring
lua_rawseti
lua_load
luaL_checkstack
lua_call
luaL_newstate
lua_pushcclosure
lua_pushinteger
lua_pushlightuserdata
lua_pcall
lua_tolstring
lua_close
luaL_error
lua_setfield

skinh

SkinH_Attach

Sections

.text
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f209ec6d4fd7d1df92af5c0cf3c0e732

Headers

File Characteristics

Imports

kernel32

user32

lua51

skinh

Sections

.text Size: 144KB - Virtual size: 141KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 16KB - Virtual size: 21KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 144KB - Virtual size: 141KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 16KB - Virtual size: 21KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 3KB