50f26f386e8e000d4ff6b8d83fa37ad3d531d308b83568c5b38afc0f277b09a4

General

Target

50f26f386e8e000d4ff6b8d83fa37ad3d531d308b83568c5b38afc0f277b09a4
Size

596KB
MD5

03c2dd164a22a9db0d73fd8a68470120
SHA1

312d3104d846b4c16008a319b540337e276b9eb7
SHA256

50f26f386e8e000d4ff6b8d83fa37ad3d531d308b83568c5b38afc0f277b09a4
SHA512

687fe463edff5ee395d86a4f73a95c7b94ef2eefed839d634075c755d72e842fde6264baf4d1c321dc0aad3a8bec90e7ddd161c88dabb17278bfa6c20ddecf21
SSDEEP

12288:7H+S+rkdiEc5GNKZPGTJMNLC5uR2vlBIHXvj:7H+KQ7GIcTyeRlUfj

Score

N/A

Malware Config

Signatures

Files

50f26f386e8e000d4ff6b8d83fa37ad3d531d308b83568c5b38afc0f277b09a4
.exe windows x64

fbc054a5b8ee8c449880bdf33f6f529d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetLastError
HeapSetInformation
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetProcessHeap
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleW
SetUnhandledExceptionFilter
GetStartupInfoW
Sleep
GetCurrentProcessId
GetCommandLineW
UnhandledExceptionFilter

msvcrt

__set_app_type
__getmainargs
__C_specific_handler
_XcptFilter
_exit
?terminate@@YAXXZ
_fmode
_commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_cexit
_ismbblead

ntdll

RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext

shell32

CommandLineToArgvW

fverecover

FveRecoverWizard

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.vmp0
Size: 500KB - Virtual size: 1.8MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fbc054a5b8ee8c449880bdf33f6f529d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ntdll

shell32

fverecover

Sections

.text Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 512B - Virtual size: 168B

.rsrc Size: 89KB - Virtual size: 88KB

.reloc Size: 512B - Virtual size: 96B

.vmp0 Size: 500KB - Virtual size: 1.8MB

.text
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 168B

.rsrc
Size: 89KB - Virtual size: 88KB

.reloc
Size: 512B - Virtual size: 96B

.vmp0
Size: 500KB - Virtual size: 1.8MB