8cb5b658bcc8e0b2ff75d0d037b4970dbcb81aadbab7334cac8d9198b61fe4a4

General

Target

8cb5b658bcc8e0b2ff75d0d037b4970dbcb81aadbab7334cac8d9198b61fe4a4
Size

52KB
MD5

254372ec902e060399bbd9c724fdec70
SHA1

fa7fce791f4eae2bf845936c18714963d0ca40c3
SHA256

8cb5b658bcc8e0b2ff75d0d037b4970dbcb81aadbab7334cac8d9198b61fe4a4
SHA512

7067f20ff950151c75bb756b9aafddb6caece0dbb23cc68f3657c4623c3bf2da69379ab5f6688db6f1e44ba3cbb2ffe83b390f6099498f9aca3bf30efbae30d0
SSDEEP

768:Yrqr4OZXg1d1xDqR2y+jLilHxcC9KYerq4UN7rJ4GBgE07QUg6qs:UqHZXO1Wb+/i1h44p4GnfL

Score

N/A

Malware Config

Signatures

Files

8cb5b658bcc8e0b2ff75d0d037b4970dbcb81aadbab7334cac8d9198b61fe4a4
.exe windows x86

b92604cc85462d8cb48d17b4797631da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
lstrcpyA
SwitchToThread
GetEnvironmentVariableA
GetProcessHeap
GetModuleHandleW
SetErrorMode
lstrlenA
GetModuleHandleA
ExitProcess
GetStartupInfoW

msvcrt

_controlfp
_exit
_XcptFilter
exit
_wcmdln
_except_handler3
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type

ntdll

DbgPrint

user32

CreateWindowExA
DefWindowProcW
MessageBoxW
GetMessageW
MessageBoxA
UpdateWindow
ShowWindow
TranslateMessage
DispatchMessageW

ole32

CoInitialize

comctl32

ord17

powrprof

IsPwrShutdownAllowed
IsPwrHibernateAllowed
GetPwrCapabilities

wintrust

WintrustGetRegPolicyFlags

imagehlp

ImageEnumerateCertificates

Sections

CODE
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nfk
Size: 1024B - Virtual size: 613B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b92604cc85462d8cb48d17b4797631da

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ntdll

user32

ole32

comctl32

powrprof

wintrust

imagehlp

Sections

CODE Size: 37KB - Virtual size: 37KB

.rdata Size: 2KB - Virtual size: 1KB

.nfk Size: 1024B - Virtual size: 613B

DATA Size: 512B - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 436B

CODE
Size: 37KB - Virtual size: 37KB

.rdata
Size: 2KB - Virtual size: 1KB

.nfk
Size: 1024B - Virtual size: 613B

DATA
Size: 512B - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 436B