dc203291ae0e3f6dbbd9af9b47c271f24c0404667cf2111c3a8d3cd0525b28ad

Sharing

Copy URL Twitter E-mail

General

Target

dc203291ae0e3f6dbbd9af9b47c271f24c0404667cf2111c3a8d3cd0525b28ad
Size

189KB
MD5

43cc63701bde33a8e84a0e556f7d8b72
SHA1

0bac7856aa47d65ebe10da5bd72bba03309aeb3f
SHA256

dc203291ae0e3f6dbbd9af9b47c271f24c0404667cf2111c3a8d3cd0525b28ad
SHA512

2d298405d93d3a311f124b6f2f7f3f94eef1d775962f5d660f61cd28ff22b421673385e670968cdbe7fcf223702712c52256c0e53890522389bcdf4ffe5c9378
SSDEEP

3072:2yIqnTZ7nBHUbaTfiItNquIMNogJLlDWQU2QlsiQNduQAiJOrDTJQo:2yhTZNgwj4gh1bUxlshNd7eJQ

Score

N/A

Malware Config

Signatures

Files

dc203291ae0e3f6dbbd9af9b47c271f24c0404667cf2111c3a8d3cd0525b28ad
.exe windows x86

db61144d4df6e3e0eb521a6c83de75a8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetLastActivePopup
IsWindowVisible
IsIconic
ShowWindow
GetForegroundWindow
SetForegroundWindow
GetParent
GetClassNameA
EnumWindows
GetWindowLongA
GetWindowThreadProcessId
RegisterWindowMessageA
SendMessageTimeoutA

kernel32

GetDriveTypeA
CompareStringW
CreateFileW
GetProcessHeap
SetEndOfFile
GetDriveTypeW
SetStdHandle
WriteConsoleW
LoadLibraryW
GetTimeZoneInformation
HeapReAlloc
IsValidLocale
EnumSystemLocalesA
TlsFree
FreeLibrary
TlsSetValue
TlsGetValue
GetProcAddress
LoadLibraryA
TlsAlloc
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetModuleFileNameA
CloseHandle
GetLastError
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
OpenFileMappingA
Sleep
OpenMutexA
GetCurrentThreadId
ReleaseMutex
SetCurrentDirectoryA
CreateMutexA
SetThreadLocale
GetSystemDefaultLCID
Process32Next
Process32First
CreateToolhelp32Snapshot
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
HeapFree
RaiseException
RtlUnwind
GetCurrentProcessId
FileTimeToSystemTime
FileTimeToLocalFileTime
SetEnvironmentVariableA
FindFirstFileExA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetCPInfo
HeapAlloc
LCMapStringW
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
HeapCreate
GetModuleHandleW
SetLastError
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
ExitProcess
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
GetFullPathNameA
GetFileInformationByHandle
PeekNamedPipe
CreateFileA
GetCurrentDirectoryW
GetACP
GetOEMCP
IsValidCodePage
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetStringTypeW
GetLocaleInfoW
HeapSize
GetUserDefaultLCID
GetLocaleInfoA

Sections

.text
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db61144d4df6e3e0eb521a6c83de75a8

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 138KB - Virtual size: 137KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 6KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 138KB - Virtual size: 137KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 6KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 11KB - Virtual size: 11KB