4590fde12c349d5ea8e0c9c6de52da72dc7cbccd0e5e90918fb4e1c26991d3f8

Sharing

Copy URL

Twitter E-mail

General

Target

4590fde12c349d5ea8e0c9c6de52da72dc7cbccd0e5e90918fb4e1c26991d3f8
Size

306KB
MD5

05411fa77a3755414ba73914d882e098
SHA1

7d2fc806edbaaeb71d52755984addd6e77accb75
SHA256

4590fde12c349d5ea8e0c9c6de52da72dc7cbccd0e5e90918fb4e1c26991d3f8
SHA512

42ebad281a5d4b97a37f223a480273a0e67f688148a46df45069553c0050cc42b8843c500a8897dbb87985471c7cf1f757e0965d84c94b370ec4c6c809a21854
SSDEEP

6144:ZdWdBtt0ZzJ0JbHyfnr5LqYDXXjldZuy8fI0kBFML9oE3D/TVKqEnk3OW:ZdWdLt0RObpYzzley8kMuERK0+W

Score

N/A

Malware Config

Signatures

Files

4590fde12c349d5ea8e0c9c6de52da72dc7cbccd0e5e90918fb4e1c26991d3f8
.exe windows x86

bc56d66bdd14ba1e8c7981f97be8d4dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

FillConsoleOutputAttribute
GetCurrentThreadId
CloseHandle
WriteConsoleW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
SetFilePointer
HeapSize
LCMapStringW
IsProcessorFeaturePresent
GetConsoleScreenBufferInfo
RtlUnwind
IsValidLocale
GetLocaleInfoA
GetLocaleInfoW
GetUserDefaultLCID
HeapReAlloc
GetStringTypeW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
LoadLibraryW
GetLastError
SetConsoleCursorPosition
HeapCreate
GetCurrentProcess
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
WideCharToMultiByte
HeapFree
HeapAlloc
EnumSystemLocalesA
FillConsoleOutputCharacterA
InterlockedDecrement
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
Sleep
MultiByteToWideChar
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetProcAddress
CreateFileW

user32

LoadMenuA
IsWindowEnabled
GetDlgItem
UpdateWindow
LoadCursorA

comctl32

ord17

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 201KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc56d66bdd14ba1e8c7981f97be8d4dc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 201KB - Virtual size: 242KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 201KB - Virtual size: 242KB

.rsrc
Size: 17KB - Virtual size: 16KB