af2b7b8ed07adcb7a64fe63fe75fb464909529a4683e7f926a5ed6e5cb93322a

Sharing

Copy URL Twitter E-mail

General

Target

af2b7b8ed07adcb7a64fe63fe75fb464909529a4683e7f926a5ed6e5cb93322a
Size

436KB
MD5

0ca74afd527dd38863be2b723abcef51
SHA1

4ac505ccf17cfb0fee18ebc971556aaef5c1ee4f
SHA256

af2b7b8ed07adcb7a64fe63fe75fb464909529a4683e7f926a5ed6e5cb93322a
SHA512

1ba5bd2617311d0cbec6ecf5dc83f962e110ba4c02f646ca229c2466c721b07e76237238d5f969d85810dc2743f8806d792da9847feee9063d985635a0d59126
SSDEEP

12288:LqUiEqaV+CgJS2WKOcz4T35LMeRk8ERqFsp:OUNV+CMSeDml9swsp

Score

N/A

Malware Config

Signatures

Files

af2b7b8ed07adcb7a64fe63fe75fb464909529a4683e7f926a5ed6e5cb93322a
.exe windows x86

37de76370c5b18100d8070641daccaf9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
VirtualAlloc
Sleep
GetProcAddress
InterlockedExchange
ResumeThread
VirtualFree
GetTickCount
CloseHandle
SetEvent
SetFirmwareEnvironmentVariableA
CreateMutexA
GetLastError
RemoveDirectoryA
LocalFree
GetSystemTime
GetSystemDirectoryA
VirtualQuery
GetSystemInfo
VirtualProtect
GetLocaleInfoA
GetModuleHandleA
InterlockedIncrement
ExitProcess
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapAlloc
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsFree
SetLastError
TlsSetValue
TlsGetValue
TlsAlloc
HeapDestroy
HeapCreate
HeapFree
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
RtlUnwind
RaiseException
LCMapStringA
MultiByteToWideChar
LCMapStringW
HeapSize
GetStringTypeA
GetStringTypeW

user32

ShowWindow
LoadImageA
MessageBoxA
GetSystemMetrics
LoadBitmapA
EnableWindow

winmm

midiStreamOut
midiOutReset
midiStreamProperty
joySetCapture

dnsapi

DnsAcquireContextHandle_A

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.VDXE
Size: 4KB - Virtual size: 896B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tdata
Size: 4KB - Virtual size: 29B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ldata
Size: 352KB - Virtual size: 788KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

37de76370c5b18100d8070641daccaf9

Headers

File Characteristics

Imports

kernel32

user32

winmm

dnsapi

Sections

.text Size: 36KB - Virtual size: 34KB

.VDXE Size: 4KB - Virtual size: 896B

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 5KB

.tdata Size: 4KB - Virtual size: 29B

.rsrc Size: 12KB - Virtual size: 9KB

.ldata Size: 352KB - Virtual size: 788KB

.text
Size: 36KB - Virtual size: 34KB

.VDXE
Size: 4KB - Virtual size: 896B

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 5KB

.tdata
Size: 4KB - Virtual size: 29B

.rsrc
Size: 12KB - Virtual size: 9KB

.ldata
Size: 352KB - Virtual size: 788KB