03a88ecef4a4017dd0cbcda1a5521ef8a1c2948cad6fa7c812b349624fdda998

Sharing

Copy URL Twitter E-mail

General

Target

03a88ecef4a4017dd0cbcda1a5521ef8a1c2948cad6fa7c812b349624fdda998
Size

504KB
MD5

e20f3f7a7094d0710017ca3fe0af36ae
SHA1

db18d257c5fed5017659b2a137b08d45a5ff1b21
SHA256

03a88ecef4a4017dd0cbcda1a5521ef8a1c2948cad6fa7c812b349624fdda998
SHA512

9383161d7c6abe2267393a93e593a859e83ad4796b1f2ba38c790e7e551b3ed45e45a6455a42feec29ebdf937e0f7d8ac01686804e4625ae2bef4f32ccc5d6a7
SSDEEP

12288:+Lv8CQBjSCEnT2hMPlDceH9bcfdNTYj7m:+Lv/NoMlvHdodNTZ

Score

N/A

Malware Config

Signatures

Files

03a88ecef4a4017dd0cbcda1a5521ef8a1c2948cad6fa7c812b349624fdda998
.exe windows x86

efff8c778cd0abc1148b75244e98fb2f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateToolhelp32Snapshot
GetCurrentProcessId
WriteFile
GetModuleFileNameW
GetModuleFileNameA
LoadLibraryA
GetTickCount
LoadLibraryW
SizeofResource
LockResource
Module32FirstW
ReadFile
GetModuleHandleW
GetCommandLineA
SetLastError
AddVectoredExceptionHandler
WriteConsoleW
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
Module32NextW
VirtualProtect
GetCurrentProcess
FlushInstructionCache
FindResourceExW
CloseHandle
HeapReAlloc
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetProcAddress
CreateFileW
GetLastError
GetCommandLineW
InterlockedExchange
GetUserDefaultLCID
GetStringTypeW
MultiByteToWideChar
VirtualAlloc
VirtualFree
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WaitForSingleObject
CreateEventA
SetEvent
ResetEvent
CreateSemaphoreA
ReleaseSemaphore
InitializeCriticalSection
RtlUnwind
RaiseException
ExitProcess
DecodePointer
EncodePointer
HeapSetInformation
GetStartupInfoW
HeapAlloc
HeapFree
ExitThread
GetCurrentThreadId
CreateThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
GetCurrentThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
FatalAppExitA
SetConsoleCtrlHandler
FreeLibrary
GetLocaleInfoW
GetStdHandle
Sleep
HeapSize
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetSystemTimeAsFileTime
WideCharToMultiByte
LCMapStringW
SetStdHandle

user32

LoadIconA
EnumWindows
GetDC
LoadIconW

gdi32

SelectObject
GetPixel
DeleteDC
DeleteObject
CreateCompatibleDC

ole32

StringFromIID
CoGetClassObject
CoTaskMemFree

advapi32

RegQueryValueW
RegSetValueW
RegCloseKey
RegOpenKeyW

dbghelp

ImageNtHeader
ImageDirectoryEntryToData

Sections

.text
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 306KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 536KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

efff8c778cd0abc1148b75244e98fb2f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

ole32

advapi32

dbghelp

Sections

.text Size: 161KB - Virtual size: 160KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 306KB - Virtual size: 306KB

.reloc Size: 8KB - Virtual size: 536KB

.text
Size: 161KB - Virtual size: 160KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 306KB - Virtual size: 306KB

.reloc
Size: 8KB - Virtual size: 536KB