8b61efc1249aed336c23d5e408f6f4a987850ae22afb11a11de00647c81768c6

Sharing

Copy URL

Twitter E-mail

General

Target

8b61efc1249aed336c23d5e408f6f4a987850ae22afb11a11de00647c81768c6
Size

104KB
MD5

06b04578f974c356e287153a3bfcfcc0
SHA1

503d112f6ad1f785c9c6de9ec2aa8bd6503df5d0
SHA256

8b61efc1249aed336c23d5e408f6f4a987850ae22afb11a11de00647c81768c6
SHA512

3ba8e5e770222a2abd9cbc062452315cf1290d30f5f67465136dbb8965d7f8655f0f31fe2d937943bcd2d399dccb0fe8088f7e14e4bdbb75cc8e852e7b9ad4f6
SSDEEP

3072:/yGtLWeaVXwwtUbsg6pt7OaCVRdTfaMk:jtLnaVAwtU+p57C9Tfa

Score

N/A

Malware Config

Signatures

Files

8b61efc1249aed336c23d5e408f6f4a987850ae22afb11a11de00647c81768c6
.exe windows x86

8d06cf87fdac2194da18c953a2e6e2c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
GetVersionExW
RaiseException
InitializeCriticalSection
DeleteCriticalSection
TerminateProcess
GetCurrentProcess
CloseHandle
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetSystemDirectoryW
GetProcAddress
GetModuleHandleW
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
ReadFile
GetFileSize
CreateFileW
FreeLibrary
LoadLibraryW
FindClose
FindNextFileW
FindFirstFileW
SetCurrentDirectoryW
GetCurrentDirectoryW
LoadLibraryA
IsBadCodePtr
IsBadReadPtr
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
GetSystemTimeAsFileTime
SetHandleCount
GetCommandLineW
GetCommandLineA
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RtlUnwind
GetModuleHandleA
GetStartupInfoW
ExitProcess
VirtualQuery
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW

ole32

CoTaskMemFree

shlwapi

PathIsFileSpecW
PathFileExistsW
PathFindExtensionW
PathCombineW
SHGetValueW
PathIsSameRootW
StrCmpIW
PathFindFileNameW
PathIsDirectoryW

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8d06cf87fdac2194da18c953a2e6e2c3

Headers

File Characteristics

Imports

kernel32

ole32

shlwapi

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 52KB - Virtual size: 52KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 52KB - Virtual size: 52KB