390c1b731603d85e7b8140f5099ed06ae1e5ae6cf9ff40c2aa0f613d4d215865

Sharing

Copy URL Twitter E-mail

General

Target

390c1b731603d85e7b8140f5099ed06ae1e5ae6cf9ff40c2aa0f613d4d215865
Size

30KB
MD5

45a8b992ed4523e55524f7a338c4c7c0
SHA1

d34bb003819e8cf5f8c7be6107c6e83f696c5d6e
SHA256

390c1b731603d85e7b8140f5099ed06ae1e5ae6cf9ff40c2aa0f613d4d215865
SHA512

fb77f0ccf7691e7b1ca64c80f191d7a621ed1fff6c05a136764b11166ee4606c043c8fa79a0f3efd820f608d018bdc7ee76de81da7105a9fedeca955a46a4b8b
SSDEEP

768:XygI3flWWYf6p9oFGWUBKq2N4hRRwWU2R:iBYEogtBKbm

Score

N/A

Malware Config

Signatures

Files

390c1b731603d85e7b8140f5099ed06ae1e5ae6cf9ff40c2aa0f613d4d215865
.exe windows x86

8b76f15763a5001c84e7738224fac765

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetACP
GetCommandLineA
GetProcessHeap
TlsAlloc
HeapFree
TlsSetValue
GetEnvironmentStringsW
SetEvent
GetEnvironmentStrings
TerminateProcess
LCMapStringW
FreeEnvironmentStringsW
ReadFile
ExitProcess
HeapAlloc
CreateDirectoryW
TryEnterCriticalSection
HeapReAlloc
lstrlenW
Sleep
DeleteCriticalSection
InterlockedDecrement
GetModuleHandleW
SetLastError
TlsGetValue
GetModuleHandleA
GetVersionExA
GetVersionExW
HeapDestroy
CreateThread
LocalFree
InterlockedIncrement
InterlockedCompareExchange
GetModuleFileNameW
FileTimeToSystemTime
FormatMessageW
FlushFileBuffers
FindResourceW
FindClose
SetFilePointer
ResetEvent
MultiByteToWideChar
WaitForSingleObject
FreeEnvironmentStringsA
EnterCriticalSection
InterlockedExchange
GetStringTypeW
CreateEventW
GetStdHandle
CloseHandle
GetModuleFileNameA
RaiseException
GetCommandLineW
GetCurrentThread
FreeLibrary
VirtualAlloc
GetStartupInfoA

shell32

SHFileOperationW

iphlpapi

SetIpNetEntry

scarddlg

ord2

msvcrt

_onexit
__dllonexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 354B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b76f15763a5001c84e7738224fac765

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

iphlpapi

scarddlg

msvcrt

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 512B - Virtual size: 354B

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 512B - Virtual size: 354B