3fb59cd218081fdb4faac63f3a2b8c072740bab997ad4faddd428213d69c0504

General

Target

3fb59cd218081fdb4faac63f3a2b8c072740bab997ad4faddd428213d69c0504
Size

864KB
MD5

13f71a28a0a6f30631b910420bb49891
SHA1

00f1ba1121afa86b305d6b263c364a90a886fa68
SHA256

3fb59cd218081fdb4faac63f3a2b8c072740bab997ad4faddd428213d69c0504
SHA512

c9dca90bae54b6f18a14e442c2fbe26a1778c67aa84e55b6387636808d91431da8c57d9fc49d25eb105c3735d4e15684064238142b7dbce98457cb9c1d5ea2d5
SSDEEP

24576:c85BD/4XvNmTpF96c288K9TK45UvPB3iM2lA6Ad1ko:cQD/WKdL3ZK45UXByM2lkd

Score

N/A

Malware Config

Signatures

Files

3fb59cd218081fdb4faac63f3a2b8c072740bab997ad4faddd428213d69c0504
.exe windows x86

87237a6b64a0a3ed9c13f345f8f7b6a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateFileW
AddAtomA
GetFileAttributesW
lstrlenA
SetEvent
IsValidLocale
OpenMutexW
VirtualProtect
DeleteFileW
GetVolumePathNameW
SetFilePointer
HeapDestroy
GetModuleFileNameA
GetTickCount
GlobalFlags
LeaveCriticalSection
InterlockedExchange
DeleteFileW
CreateDirectoryA
CreateFileW
GetCurrentThreadId
GetModuleHandleA
OpenEventW
PulseEvent
SetFileTime

user32

DispatchMessageA
IsMenu
LoadCursorA
GetWindowTextA
GetWindowLongA
GetWindowLongA
SetFocus
PeekMessageA
DestroyMenu
MessageBoxA
SetRect
DestroyIcon
wsprintfA

dmdskmgr

DllCanUnloadNow
?namecmp@@YGHPBG0@Z
DllRegisterServer
DllGetClassObject

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 794KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.frdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

87237a6b64a0a3ed9c13f345f8f7b6a6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

dmdskmgr

advapi32

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 794KB - Virtual size: 2.2MB

.frdata Size: 60KB - Virtual size: 60KB

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 794KB - Virtual size: 2.2MB

.frdata
Size: 60KB - Virtual size: 60KB