004c546b06529ed7eb56ead01076c934be41eee6cc5b4b071a2573c60f32883e

Sharing

Copy URL

Twitter E-mail

General

Target

004c546b06529ed7eb56ead01076c934be41eee6cc5b4b071a2573c60f32883e
Size

4.2MB
MD5

84acffe0945fa6405e5b8ae78fa897ad
SHA1

7bd08714e73575508960250637a375a8f96e91ca
SHA256

004c546b06529ed7eb56ead01076c934be41eee6cc5b4b071a2573c60f32883e
SHA512

9770015bdf1c550b27d726de2b285496c36ea7ab2fbebb9b9262baecfdf93be563ae50e93af1221724db46bc71c27926679d003314dcc0d5d21d74d0a12e81d8
SSDEEP

49152:PBcOGkGzvk5f5lvJhw+NCkstpMlWzZSoi6yvWMpjL6HidrTYx6S/+h1Zz34IJB6K:+cRJhGwO2R6Hi5Te/k12HP

Score

N/A

Malware Config

Signatures

Files

004c546b06529ed7eb56ead01076c934be41eee6cc5b4b071a2573c60f32883e
.exe windows x86

a6adbf4061dc002494bbb2c030ed5b5d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

MultiByteToWideChar
GetProcessHeap
HeapAlloc
CreateMutexA
ReadFile
CreateFileW
SetLastError
InitializeCriticalSection
LeaveCriticalSection
Sleep
WideCharToMultiByte
GetModuleHandleExW
ExitThread
GetLastError
GetTickCount
InterlockedCompareExchange
GetModuleHandleA
GetVersionExA
VirtualAlloc
VirtualFree
GetCurrentProcess
GetFileAttributesA
CloseHandle
GetTempPathA
GetProcAddress
LoadLibraryA
HeapFree
RemoveDirectoryA
DisableThreadLibraryCalls
HeapReAlloc
GetLocalTime
ExitProcess
GetCurrentThreadId
WriteConsoleW
GetConsoleCP
FlushFileBuffers
SetStdHandle
LoadLibraryW
OutputDebugStringW
LCMapStringW
LoadLibraryExW
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
SetEndOfFile
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetStringTypeW
GetStartupInfoW
DeleteCriticalSection
GetFileType
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
RtlUnwind
GetCommandLineA
InterlockedDecrement
AreFileApisANSI
HeapSize
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
RaiseException
GetStdHandle
WriteFile
GetModuleFileNameW
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
SetFilePointer
SetFilePointerEx
GetConsoleMode
ReadConsoleW

advapi32

RegEnumValueA
RegQueryValueW
RegCreateKeyExA
RegQueryValueA
RegQueryInfoKeyW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyW
RegQueryInfoKeyA
RegEnumKeyExW
RegQueryValueExW

user32

GetWindowTextA
EnumWindows
MessageBoxW
GetMessageW
GetWindowRect
DestroyWindow
GetLastInputInfo
CreateWindowExW
BringWindowToTop
LoadIconA
SetWindowPos
SetForegroundWindow
RegisterWindowMessageW
MsgWaitForMultipleObjects
UpdateWindow
LoadIconW
RedrawWindow
PostQuitMessage
RegisterClassExW
TrackPopupMenu
GetCursorPos
DefWindowProcW
RegisterWindowMessageA
AppendMenuA
DispatchMessageA
RegisterClassExA
GetWindowTextW
CreatePopupMenu
SendMessageA
SetFocus
FindWindowW
GetDlgItem
SendMessageW
PeekMessageW
CheckMenuItem
PostMessageW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 97KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6adbf4061dc002494bbb2c030ed5b5d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 2.7MB - Virtual size: 2.7MB

.data Size: 97KB - Virtual size: 107KB

.rsrc Size: 32KB - Virtual size: 32KB

.reloc Size: 25KB - Virtual size: 24KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 2.7MB - Virtual size: 2.7MB

.data
Size: 97KB - Virtual size: 107KB

.rsrc
Size: 32KB - Virtual size: 32KB

.reloc
Size: 25KB - Virtual size: 24KB