97ecbd74bf3b76fb6abc3ba7741ecfd563eede6728b8982e8d9475a08b2e384b

Sharing

Copy URL Twitter E-mail

General

Target

97ecbd74bf3b76fb6abc3ba7741ecfd563eede6728b8982e8d9475a08b2e384b
Size

3.5MB
MD5

9d3631762c0ecc0cfd7296012aa21ef3
SHA1

faddaaa5ca6afb846656a490fccd1225cecc1dbf
SHA256

97ecbd74bf3b76fb6abc3ba7741ecfd563eede6728b8982e8d9475a08b2e384b
SHA512

933723a6120eae2e21ac200d9924d3a7b3ce9a9fa7ea69e319699c452b07273bee5d60dc0d24e23bdba570c4036fa9bfe34a2a2ce68a62436215f5cf8a27d6ab
SSDEEP

49152:aqjTtBCHmqTHTRzy5BoPoFyut7pXtTU4DNgAHgvWGAl8huIyU+8dd7t3:1T/ItRuBoAFFt7pXNNrQ9S8QLULddN

Score

N/A

Malware Config

Signatures

Files

97ecbd74bf3b76fb6abc3ba7741ecfd563eede6728b8982e8d9475a08b2e384b
.exe windows x86

cd5051de2bd4daa28497fc610958715e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

MultiByteToWideChar
SystemTimeToFileTime
IsBadReadPtr
LocalFileTimeToFileTime
FileTimeToSystemTime
CreateFileW
LeaveCriticalSection
GetLastError
EnterCriticalSection
ExitProcess
GetProcessHeap
HeapAlloc
WideCharToMultiByte
CreateMutexA
GetTickCount
InitializeCriticalSection
GetModuleHandleExW
Sleep
InterlockedCompareExchange
GetModuleHandleA
GetVersionExA
ReadFile
VirtualAlloc
VirtualFree
GetCurrentProcess
SetLastError
GetFileAttributesA
WaitForSingleObject
CloseHandle
GetTempPathA
GetProcAddress
LoadLibraryA
RemoveDirectoryA
CreateFileA
DisableThreadLibraryCalls
IsBadWritePtr
HeapFree
GetLocalTime
WriteConsoleW
GetConsoleCP
FlushFileBuffers
SetStdHandle
LoadLibraryW
OutputDebugStringW
LCMapStringW
HeapReAlloc
LoadLibraryExW
SetEndOfFile
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
RtlUnwind
GetCommandLineA
InterlockedDecrement
AreFileApisANSI
HeapSize
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCurrentThreadId
RaiseException
GetStdHandle
WriteFile
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
GetConsoleMode
ReadConsoleW
SetFilePointer
SetFilePointerEx
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetStringTypeW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter

advapi32

RegCreateKeyW
RegQueryInfoKeyA
RegOpenKeyA
RegCreateKeyExW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyA
RegEnumKeyExW
RegEnumKeyA
RegQueryInfoKeyW
RegQueryValueA
RegEnumKeyW

user32

RegisterClassExA
RedrawWindow
PostQuitMessage
RegisterWindowMessageW
PeekMessageA
RegisterWindowMessageA
TranslateMessage
PostMessageA
MsgWaitForMultipleObjects
GetSystemMetrics
EnumWindows
CreateWindowExW
UpdateWindow
SetForegroundWindow
CloseDesktop
RegisterClassExW
LoadIconA
SetWindowPos
SendMessageA
GetWindowTextA
GetMessageW
DefWindowProcW
CheckMenuItem
GetCursorPos

Sections

.text
Size: 603KB - Virtual size: 602KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd5051de2bd4daa28497fc610958715e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 603KB - Virtual size: 602KB

.rdata Size: 2.8MB - Virtual size: 2.8MB

.data Size: 82KB - Virtual size: 93KB

.rsrc Size: 32KB - Virtual size: 32KB

.reloc Size: 18KB - Virtual size: 18KB

.text
Size: 603KB - Virtual size: 602KB

.rdata
Size: 2.8MB - Virtual size: 2.8MB

.data
Size: 82KB - Virtual size: 93KB

.rsrc
Size: 32KB - Virtual size: 32KB

.reloc
Size: 18KB - Virtual size: 18KB