f84471b5b49106a7ce23ee30ed3cf0ac7c785cd3847b23b42d9bf20890939371

Sharing

Copy URL Twitter E-mail

General

Target

f84471b5b49106a7ce23ee30ed3cf0ac7c785cd3847b23b42d9bf20890939371
Size

232KB
MD5

093854c2995dbbba2c6cd371358062ee
SHA1

2b72d59f62f7765002b73ca95a56fe287cffa21b
SHA256

f84471b5b49106a7ce23ee30ed3cf0ac7c785cd3847b23b42d9bf20890939371
SHA512

1587499f80bf31603875b0d34eb39733184842c2f3c6a2f046e3e90ca6a31d57941e0d667856f890b4040df9031a7e42bb26fd7b86492a791c0ae896a9d81684
SSDEEP

3072:Ha4tiEofSybnWS5MyaPrtq4kxumiz1/oLTOHTyKSuAh0msE3tnUYQPW5WFCSBFnL:HaMVoJbn55lfHOsYSMwtnvQ84CS/rT

Score

N/A

Malware Config

Signatures

Files

f84471b5b49106a7ce23ee30ed3cf0ac7c785cd3847b23b42d9bf20890939371
.exe windows x86

a318c3e306cafc2f3f40e1e5dfce857a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
CreateFileW
HeapSize
FlushFileBuffers
HeapReAlloc
GlobalFree
SetFilePointer
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
CloseHandle
GetCurrentThreadId
QueryPerformanceFrequency
WriteConsoleW
SetHandleCount
GetEnvironmentStringsW
GetLastError
SetConsoleTitleA
HeapCreate
GlobalAlloc
WriteFile
GetProcessHeap
GetCurrentProcess
HeapAlloc
MultiByteToWideChar
HeapFree
DeleteCriticalSection
InterlockedDecrement
GetCPInfo
WideCharToMultiByte
GetSystemTimeAsFileTime
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
GetTimeZoneInformation
InterlockedIncrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
SetStdHandle
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetFileType
GetConsoleCP
GetConsoleMode
IsProcessorFeaturePresent
GetStdHandle
GetModuleFileNameW
LCMapStringW
GetStringTypeW
Sleep
RtlUnwind
LoadLibraryW
GetModuleFileNameA
FreeEnvironmentStringsW
SetEnvironmentVariableA

user32

DialogBoxParamA
DestroyWindow
SendDlgItemMessageA
LoadBitmapA
LoadMenuA
GetClientRect
GetWindowTextLengthA
MessageBoxA
CreateWindowExA
GetDlgItem
CloseWindow
UpdateWindow
EnableWindow
FindWindowA
GetDlgItemTextA

gdi32

CreateCompatibleDC
EndDoc
GetStockObject
SelectObject

winspool.drv

ClosePrinter

advapi32

EqualSid
GetTokenInformation

comctl32

ord17

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 145KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a318c3e306cafc2f3f40e1e5dfce857a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

Sections

.text Size: 69KB - Virtual size: 68KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 145KB - Virtual size: 153KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 69KB - Virtual size: 68KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 145KB - Virtual size: 153KB

.rsrc
Size: 1KB - Virtual size: 1KB