c71136348143a0871ff72890964c1f37a5ca54b9340addbddb75f61d8ad7ed32

Sharing

Copy URL

Twitter E-mail

General

Target

c71136348143a0871ff72890964c1f37a5ca54b9340addbddb75f61d8ad7ed32
Size

3.7MB
MD5

515aff39d301cb0edc444c70ebd5d11f
SHA1

600bd13b7c7b8cf41dc190a175a440734584b869
SHA256

c71136348143a0871ff72890964c1f37a5ca54b9340addbddb75f61d8ad7ed32
SHA512

dbe607a01fd454f5f0b822365afa1ce3c6e1c591d85da624ddac21a07a71ba5607b10654fc5cfb96004e201449a79ac6be7705d5c57aecd588f11fc22c58108d
SSDEEP

49152:GHMy6L2AFJZ85enMNXCPbXY76kIZ35D6RgJPxFxC8L7usIrP9JxpkvfIIRXB0exD:LFL2AzZkOM6kIHpNuFrP9oVpB0Gh

Score

N/A

Malware Config

Signatures

Files

c71136348143a0871ff72890964c1f37a5ca54b9340addbddb75f61d8ad7ed32
.exe windows x86

a26f1379c2de6fe2a7898e55eb514cfb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetCurrentThreadId
GetProcessHeap
HeapAlloc
HeapFree
CreateMutexA
GetModuleHandleExW
SystemTimeToFileTime
Sleep
EnterCriticalSection
GetLastError
GetTickCount
InterlockedCompareExchange
ExitProcess
SetLastError
GetModuleHandleA
GetVersionExA
VirtualAlloc
VirtualFree
CreateFileA
GetCurrentProcess
GetFileAttributesA
WaitForSingleObjectEx
CloseHandle
GetTempPathA
GetProcAddress
LoadLibraryA
RemoveDirectoryA
IsBadWritePtr
GetCurrentThread
FileTimeToSystemTime
ExitThread
DeleteCriticalSection
WriteConsoleW
CreateFileW
GetConsoleCP
FlushFileBuffers
SetStdHandle
LoadLibraryW
OutputDebugStringW
LCMapStringW
HeapReAlloc
LoadLibraryExW
GetModuleHandleW
SetEndOfFile
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
IsProcessorFeaturePresent
ReadFile
GetSystemTimeAsFileTime
RtlUnwind
GetCommandLineA
InterlockedDecrement
AreFileApisANSI
HeapSize
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
RaiseException
GetStdHandle
WriteFile
GetModuleFileNameW
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetConsoleMode
ReadConsoleW
SetFilePointer
SetFilePointerEx
GetFileType
GetStartupInfoW
GetStringTypeW
GetModuleFileNameA
QueryPerformanceCounter

advapi32

RegQueryInfoKeyA
RegCreateKeyExA
RegOpenKeyExW
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExW
RegCloseKey
RegQueryValueExA
RegQueryValueW
RegEnumKeyExW
RegEnumKeyA
RegCreateKeyW
RegEnumValueA

user32

AppendMenuA
RegisterClassExW
SendMessageW
FindWindowW
TrackPopupMenu
RegisterWindowMessageA
MessageBoxW
MsgWaitForMultipleObjects
RegisterWindowMessageW
GetClientRect
PeekMessageA
ShowWindow
GetMessageW
SetForegroundWindow
GetMessageA
AppendMenuW
CloseDesktop
DispatchMessageA
GetWindowRect
BringWindowToTop
FindWindowA
PeekMessageW
TranslateMessage
RedrawWindow
LoadIconW
LoadIconA
SetFocus
SendMessageA
GetDesktopWindow
UpdateWindow

Sections

.text
Size: 614KB - Virtual size: 614KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 95KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a26f1379c2de6fe2a7898e55eb514cfb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 614KB - Virtual size: 614KB

.rdata Size: 2.9MB - Virtual size: 2.9MB

.data Size: 95KB - Virtual size: 105KB

.rsrc Size: 32KB - Virtual size: 32KB

.reloc Size: 19KB - Virtual size: 19KB

.text
Size: 614KB - Virtual size: 614KB

.rdata
Size: 2.9MB - Virtual size: 2.9MB

.data
Size: 95KB - Virtual size: 105KB

.rsrc
Size: 32KB - Virtual size: 32KB

.reloc
Size: 19KB - Virtual size: 19KB