b7aa5c545f0698f88ef3cbc5d70bac755406150811466a0a436d56449fd111d8

Sharing

Copy URL Twitter E-mail

General

Target

b7aa5c545f0698f88ef3cbc5d70bac755406150811466a0a436d56449fd111d8
Size

574KB
MD5

43133f2c24e6cee853d910c6011aecea
SHA1

e047a106c0aa31259f030e90713acab7e6f34bae
SHA256

b7aa5c545f0698f88ef3cbc5d70bac755406150811466a0a436d56449fd111d8
SHA512

9368a3a5bf98249ae343f00a8e9fead901c4dd0efa3719ea4962c4fd3471ca486ff8ad999fd1f2e97b9108d644a8f06bafe1d780d52d66bb44e1e90affa5dc46
SSDEEP

6144:C0WmHbP8wXw5zYMZSDoZCUxZoP/7qd+VEMjtjRTACd5k1/XQh2QWDBK/tI3Gh6oz:C0Wm76vZSD8G/7qIl5qI5SXlQWD9E

Score

N/A

Malware Config

Signatures

Files

b7aa5c545f0698f88ef3cbc5d70bac755406150811466a0a436d56449fd111d8
.exe windows x86

8ac4aaea35ba76699fc87f10e8d5dae7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FindFirstVolumeMountPointW
GenerateConsoleCtrlEvent
GetAtomNameA
GetCompressedFileSizeA
GetCurrentProcess
GetDiskFreeSpaceExA
GetLogicalDriveStringsA
GetModuleHandleA
GetProcessId
GetProfileIntW
GetSystemRegistryQuota
GetTempPathA
GetWriteWatch
IsWow64Process
SetMessageWaitingIndicator
WriteConsoleOutputCharacterA

user32

BeginPaint
CharUpperBuffA
CheckRadioButton
CreateMDIWindowA
DdeAccessData
DdeEnableCallback
DdeQueryStringW
DdeUninitialize
DrawTextExW
EditWndProc
EndTask
EnterReaderModeHelper
GetAltTabInfoW
GetClassNameA
GetDC
GetKeyboardLayout
GetNextDlgGroupItem
GetWinStationInfo
GetWindowModuleFileName
GetWindowRect
KillTimer
MessageBoxIndirectW
ReasonCodeNeedsBugID
ReleaseDC
ReplyMessage
ScrollDC
ScrollWindowEx
SetLayeredWindowAttributes
SetProgmanWindow
SetUserObjectSecurity
SetWindowRgn
ShowScrollBar
TrackMouseEvent
TranslateMDISysAccel
UpdatePerUserSystemParameters
ValidateRect
VkKeyScanExA

gdi32

DdEntry42
EngTransparentBlt
ExtSelectClipRgn
FONTOBJ_pvTrueTypeFontFile
GdiValidateHandle
GetClipBox
GetEnhMetaFileBits

ntdll

DbgUiWaitStateChange
LdrFlushAlternateResourceModules
NtCreatePort
NtQueryVolumeInformationFile
NtTestAlert
PfxInsertPrefix
RtlAbsoluteToSelfRelativeSD
RtlAddAccessDeniedObjectAce
RtlAddAttributeActionToRXact
RtlAllocateAndInitializeSid
RtlAreAnyAccessesGranted
RtlCreateUnicodeString
RtlCreateUserProcess
RtlCreateUserThread
RtlDeNormalizeProcessParams
RtlExtendedIntegerMultiply
RtlExtendedMagicDivide
RtlFindClearRuns
RtlGetUnloadEventTrace
RtlInitializeCriticalSectionAndSpinCount
RtlIpv4AddressToStringExW
RtlQueryInformationActiveActivationContext
RtlReAllocateHeap
RtlSecondsSince1980ToTime
RtlTimeToSecondsSince1970
RtlValidSid
ZwAddAtom
ZwCreateJobObject
ZwInitiatePowerAction
ZwQueryFullAttributesFile
ZwSignalAndWaitForSingleObject
ZwSuspendThread
ZwWaitForDebugEvent
_i64toa

Sections

.rr
Size: 512B - Virtual size: 214B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.bk
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.h
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_MEM_READ

.nfzeiay
Size: 565KB - Virtual size: 565KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hzhd
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ac4aaea35ba76699fc87f10e8d5dae7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

ntdll

Sections

.rr Size: 512B - Virtual size: 214B

.bk Size: 2KB - Virtual size: 2KB

.h Size: 3KB - Virtual size: 2KB

.nfzeiay Size: 565KB - Virtual size: 565KB

.hzhd Size: 1KB - Virtual size: 9KB

.rr
Size: 512B - Virtual size: 214B

.bk
Size: 2KB - Virtual size: 2KB

.h
Size: 3KB - Virtual size: 2KB

.nfzeiay
Size: 565KB - Virtual size: 565KB

.hzhd
Size: 1KB - Virtual size: 9KB