5ce8b0f6fe3410f0c985e3df6381bbcbdb49c1f773518317a3156f9a4fe530d0

General

Target

5ce8b0f6fe3410f0c985e3df6381bbcbdb49c1f773518317a3156f9a4fe530d0
Size

104KB
MD5

31b55ad48281ac1d19f8c55498044370
SHA1

68413ef2e59f6e2cc7f82fb17e3a3b407422917d
SHA256

5ce8b0f6fe3410f0c985e3df6381bbcbdb49c1f773518317a3156f9a4fe530d0
SHA512

aea67fd9150e38103e158911cf9d0836d5d658ba29b21f61e9e1575f5912f6292cf00734cb8124585664a99683c4eb535843489ed173f51ff7dbb349e5a82a99
SSDEEP

1536:5F+ATCNmVjj8poM8OMcM769OQvq1RBDNy/ZhjI+55O758GV:5IO18poOT9xMrM/ZhZAj

Score

N/A

Malware Config

Signatures

Files

5ce8b0f6fe3410f0c985e3df6381bbcbdb49c1f773518317a3156f9a4fe530d0
.dll windows x86

549d7b44067bbcdf42bf6a90a80a3a9e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
CreateFileW
CloseHandle
GlobalFree
GlobalAlloc
VirtualFree
ReadFile
VirtualAlloc
GetFileSize
lstrcpyW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
HeapFree
HeapAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapReAlloc
GetProcAddress
LoadLibraryA
RtlUnwind
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
InterlockedDecrement
InterlockedIncrement

user32

FindWindowExW
GetDlgItem
SendMessageW
SetWindowTextW

Exports

Exports

AddFile
Close
Init
Write

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

549d7b44067bbcdf42bf6a90a80a3a9e

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 12KB

.reloc Size: 4KB - Virtual size: 3KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 12KB

.reloc
Size: 4KB - Virtual size: 3KB

.rmnet
Size: 60KB - Virtual size: 60KB