1cf6dc36ccbc11b4a791668e12b99db4157fb3c09f4a4ccb4386a473364a3f76

Sharing

Copy URL Twitter E-mail

General

Target

1cf6dc36ccbc11b4a791668e12b99db4157fb3c09f4a4ccb4386a473364a3f76
Size

496KB
MD5

38474b02fd7264d2c5993ebe8eba8630
SHA1

2cae59c0841b6d0cec143f38ddc975182b64a959
SHA256

1cf6dc36ccbc11b4a791668e12b99db4157fb3c09f4a4ccb4386a473364a3f76
SHA512

78c722a89a5d4ddd610751725a38b9593cf135a3c1afdaf29a8f2e01ac5244bf41565e9f4c791d178946c88d6db526aab69fb99d2bb1871d2412392dabc8b2d5
SSDEEP

768:mNopljJRyx5qSc6tu4jL+1zXCQkGaoxtvMGlZJ/5fqIgFB4cvOfLqyEi0W+nE:mUljTADcxXxxUMOy5eE

Score

N/A

Malware Config

Signatures

Files

1cf6dc36ccbc11b4a791668e12b99db4157fb3c09f4a4ccb4386a473364a3f76
.exe windows x86

5d9b628ab3c11ad4b816aa2d8bd5eed6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenFile
GlobalLock
GlobalFree
GlobalUnlock
CloseHandle
UnmapViewOfFile
GlobalAlloc
GlobalHandle
MapViewOfFile
GetLastError
CreateFileMappingA
TlsGetValue
IsBadReadPtr
GetCurrentThreadId
GetCurrentProcessId
TlsSetValue
TlsAlloc
DeleteFileA
SetFilePointer
_lclose
ReadFile
GetLocalTime
GetEnvironmentVariableA
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
GetVersionExA
GetSystemInfo
GetProfileStringA
GetProfileIntA
GetModuleFileNameA
_lwrite
CreateFileA
GetSystemTimeAsFileTime

user32

ShowWindow
SetWindowWord
GetSystemMetrics
LoadCursorA
GetClassInfoA
SendMessageA
GetDC
ReleaseDC
MessageBoxA
GetMessageA
DispatchMessageA
RegisterClassA
CreateWindowExA
DefWindowProcA
PostQuitMessage
IsWindow
DestroyWindow

gdi32

GetStockObject
SelectObject
TextOutA
Rectangle
BitBlt
GetTextMetricsA

msvcr80

_controlfp_s
_invoke_watson
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
atoi
exit
toupper
strstr
sprintf
memset
malloc
memcpy
_ctime64
_time64
strlen
vsprintf
_snprintf
strncpy
strchr
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook

Exports

Exports

_GIWDWinProc@16
_TRCWindowProcedure@16

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 468KB - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5d9b628ab3c11ad4b816aa2d8bd5eed6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcr80

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 10KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 468KB - Virtual size: 540KB

.text
Size: 12KB - Virtual size: 10KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 468KB - Virtual size: 540KB