dc5aa9b53e758b0163847cfa43ed275a368f722d96573880be406127f2ba3147

General

Target

dc5aa9b53e758b0163847cfa43ed275a368f722d96573880be406127f2ba3147
Size

220KB
MD5

03f25ef07526cb1d200c0f61222a55c7
SHA1

cbd1fd17723097eb598b4d83646cc847a5540b1d
SHA256

dc5aa9b53e758b0163847cfa43ed275a368f722d96573880be406127f2ba3147
SHA512

4dc42f0d29d80aa778e043a9e97aa510760dbce480db9ac63a53ebfb0196312c57628a82ed877cd53635b15f7d77bbc811cdb21a2b1a2ae190cdc2a047024dbc
SSDEEP

3072:7wj1yAykh1HeMZloh28PRTaYl+f4R+5vIrST/xyFpjejrSnl62hJfeO551u1FNjo:Mpn1LlohlmCoTpyXjeSnrAo5s1Fo4LUT

Score

N/A

Malware Config

Signatures

Files

dc5aa9b53e758b0163847cfa43ed275a368f722d96573880be406127f2ba3147
.exe windows x86

c484f3de45fb0b19d35718b590a6f7b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExitCodeThread
GetCommandLineA
FindClose
Sleep
VirtualProtect
TerminateThread
LoadLibraryA
OpenSemaphoreA
GetProcAddress
GetModuleHandleA
HeapDestroy
ReleaseMutex
ResetEvent
FindFirstFileA
GetSystemDirectoryA
VirtualAlloc
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
HeapSize
VirtualQuery
InterlockedExchange
RtlUnwind
HeapReAlloc
HeapAlloc
VirtualFree
GetLocaleInfoA
GetLastError
GetCPInfo
GetOEMCP
GetACP
GetSystemInfo
HeapFree
HeapCreate
GetFileType
GetStartupInfoA
GetVersionExA
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount

user32

ShowWindow
LoadCursorA
GetDesktopWindow
GetDC
IsWindowUnicode
IsWindowVisible
SetTimer
ReleaseDC
CreateIcon
UpdateWindow
IsIconic
SetCursorPos
GetWindowRect
SetCursor
GetWindow
GetSysColorBrush
GetCursorPos

gdi32

GetPixel
DeleteObject

shell32

DuplicateIcon

psapi

GetModuleBaseNameA

msvfw32

DrawDibStart
DrawDibOpen

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c484f3de45fb0b19d35718b590a6f7b7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

psapi

msvfw32

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 76KB - Virtual size: 73KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 116KB - Virtual size: 114KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 76KB - Virtual size: 73KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 116KB - Virtual size: 114KB