f1ae6f007a6836ae7fba9b56492e54e02590eef4bd6d532d58bdf45445194757

General

Target

f1ae6f007a6836ae7fba9b56492e54e02590eef4bd6d532d58bdf45445194757
Size

184KB
MD5

0cf2854651440919797358b47ed917a9
SHA1

9b08cb86f92d01b72b147266e7a26d1fced69176
SHA256

f1ae6f007a6836ae7fba9b56492e54e02590eef4bd6d532d58bdf45445194757
SHA512

07581dd39640f53f6a72c0f502ecfcb44a8f7f4d374f385f417ca649175bacb7b7515e477693a645ca5b15d0680c2192ccccfacda2464026f362afa6902ce29e
SSDEEP

3072:a0R9KB8CXxReL7DiCwZCov6ZSjaw1nwcr8AgbAaRtRDLjssyyAgJb8di6wxd5nDr:bRU6CXxRevDiCwZCVSuw9HYBftmEui6W

Score

N/A

Malware Config

Signatures

Files

f1ae6f007a6836ae7fba9b56492e54e02590eef4bd6d532d58bdf45445194757
.exe windows x86

13f40932178d5ec2f8cfffdc5fa85c7b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr90

_except_handler4_common
_decode_pointer
_controlfp_s
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
_crt_debugger_hook
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__initenv
exit
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_invoke_watson
printf

ole32

CLSIDFromString

kernel32

RaiseException
LocalAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetModuleHandleW
GetProcAddress
GetProcessHeap
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
VirtualProtect
GetLastError
LoadLibraryA
FreeLibrary

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.vmp0
Size: 176KB - Virtual size: 472KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

13f40932178d5ec2f8cfffdc5fa85c7b

Headers

DLL Characteristics

File Characteristics

Imports

msvcr90

ole32

kernel32

Sections

.text Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 924B

.rsrc Size: 1024B - Virtual size: 688B

.reloc Size: 512B - Virtual size: 404B

.vmp0 Size: 176KB - Virtual size: 472KB

.text
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 924B

.rsrc
Size: 1024B - Virtual size: 688B

.reloc
Size: 512B - Virtual size: 404B

.vmp0
Size: 176KB - Virtual size: 472KB