490d1349e7c5d62a643a05f2e883e5b2827cb3a199be289ede5068b554fa2eeb

General

Target

490d1349e7c5d62a643a05f2e883e5b2827cb3a199be289ede5068b554fa2eeb
Size

63KB
MD5

27743ebfa095aed48f26cd02e36fd028
SHA1

ad51bb014d9dbaf3a69fc6f09432ebd39e556d07
SHA256

490d1349e7c5d62a643a05f2e883e5b2827cb3a199be289ede5068b554fa2eeb
SHA512

0bec2c22f12493e36dc32f070b8b8811f1414b2155e1b6e6e0f5dddf1331ee6e23a46a5648096917eadc7018ae33edc4ecfbaa20dad3ccfd48a1cd4039943ab7
SSDEEP

1536:i2sD/I89W10ZyywTEBo3f6NCDgoc8Vh0su+9sWZE:IDQgWuyF3QCModVVZE

Score

N/A

Malware Config

Signatures

Files

490d1349e7c5d62a643a05f2e883e5b2827cb3a199be289ede5068b554fa2eeb
.exe windows x86

6d54671469679c789a938b74cac6eb85

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
LocalHandle
AssignProcessToJobObject
GetPrivateProfileStructW
CopyFileA
ExitProcess
DisableThreadLibraryCalls
InterlockedDecrement
CreateDirectoryA
GetPrivateProfileSectionW
OutputDebugStringA
GetModuleHandleA
LocalReAlloc
GetCurrentDirectoryW
CreateDirectoryW
UnlockFile
GetLastError
EnumResourceLanguagesA
LoadLibraryA
VirtualProtect
GetCurrencyFormatA
CreateDirectoryW

msvcrt

_osplatform
getc
fclose
_isnan
_sleep
sprintf
_getsystime
mktime
memcpy
isleadbyte
_setmbcp
??_7bad_cast@@6B@
_wasctime
_getdllprocaddr

user32

GetDlgItem
ModifyMenuA
TrackPopupMenu
ShowWindow
DispatchMessageW
ReleaseDC
OffsetRect
GetPropW
UnregisterClassA
LoadCursorFromFileA
SendMessageW
EnumDisplayMonitors
GetSysColor
LoadStringA
IntersectRect
SetForegroundWindow
FindWindowW

gdi32

LineTo
CreateCompatibleDC
SetRectRgn
SetTextColor
GetObjectW
GetBrushOrgEx
CreateDIBSection
SetMapMode
GetTextFaceW
GetTextExtentPoint32W
GetTextMetricsW

Exports

Exports

OdXvqyCbrkrTexgVf
LillgmwQbjwn
EnPfpeKhcrDlmg

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 62B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d54671469679c789a938b74cac6eb85

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 13KB - Virtual size: 12KB

.rsrc Size: 30KB - Virtual size: 30KB

.reloc Size: 512B - Virtual size: 62B

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 30KB - Virtual size: 30KB

.reloc
Size: 512B - Virtual size: 62B