590fd4c475f82f891e65f74bc30523f3452d4b5efcb126ce3490848889792891

Sharing

Copy URL Twitter E-mail

General

Target

590fd4c475f82f891e65f74bc30523f3452d4b5efcb126ce3490848889792891
Size

3.4MB
MD5

dd35771ed4e3be8be87de12e146e7d7d
SHA1

3e9b66e0b423595c7ef9899a739028b529b9ecfc
SHA256

590fd4c475f82f891e65f74bc30523f3452d4b5efcb126ce3490848889792891
SHA512

499345d5c74e1f97f762a0c86dff72fe907a43aa18ca04b4ccf4c1311731a2bda56fe6cc0c939d574cadf040cfaff6779ae0522f3976708749e9035260d1aa7e
SSDEEP

98304:2isvKKcVcFi1JVxfLuIEQkzaeHf5i1E9lABc:KKKgcUWSk1H8EzA

Score

N/A

Malware Config

Signatures

Files

590fd4c475f82f891e65f74bc30523f3452d4b5efcb126ce3490848889792891
.exe windows x86

17ffd9c8542b03590fd3b8e207cc5eac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCurrentProcess
WideCharToMultiByte
MultiByteToWideChar
GetProcessHeap
HeapFree
ReadFile
SystemTimeToFileTime
ExitThread
EnterCriticalSection
CreateMutexA
GetModuleHandleExW
GetFileAttributesA
GetLastError
GetTickCount
FileTimeToSystemTime
InterlockedCompareExchange
ExitProcess
SetLastError
GetModuleHandleA
GetVersionExA
VirtualAlloc
VirtualFree
CloseHandle
GetLocalTime
GetTempPathA
GetProcAddress
LoadLibraryA
RemoveDirectoryA
IsBadWritePtr
InitializeCriticalSection
HeapAlloc
WaitForSingleObjectEx
Sleep
CreateFileA
CreateFileW
WriteConsoleW
GetConsoleCP
FlushFileBuffers
SetStdHandle
LoadLibraryW
OutputDebugStringW
LCMapStringW
HeapReAlloc
LoadLibraryExW
GetModuleHandleW
TlsFree
TlsSetValue
SetEndOfFile
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
RtlUnwind
GetCommandLineA
InterlockedDecrement
AreFileApisANSI
HeapSize
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCurrentThreadId
RaiseException
GetStdHandle
WriteFile
GetModuleFileNameW
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetConsoleMode
ReadConsoleW
SetFilePointer
SetFilePointerEx
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetStringTypeW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW

advapi32

RegCloseKey
RegOpenKeyExA
RegEnumKeyW
RegEnumKeyExA
RegQueryInfoKeyA
RegCreateKeyExA
RegCreateKeyExW
RegCreateKeyA
RegQueryValueExA
RegEnumValueA
RegEnumKeyA

user32

RegisterWindowMessageW
GetWindowTextA
GetWindowRect
GetDlgItem
DefWindowProcA
LoadIconW
MsgWaitForMultipleObjects
CreatePopupMenu
TrackPopupMenu
MessageBoxW
PeekMessageA
SetWindowPos
UpdateWindow
PostQuitMessage
RegisterClassExW
SendMessageA
RegisterWindowMessageA
RedrawWindow
RegisterClassExA
GetDesktopWindow
GetMessageA
SendMessageW
GetMessageW
FindWindowA
GetClientRect
LoadIconA
SetForegroundWindow
CreateWindowExW
EnumWindows

Sections

.text
Size: 531KB - Virtual size: 531KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17ffd9c8542b03590fd3b8e207cc5eac

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 531KB - Virtual size: 531KB

.rdata Size: 2.8MB - Virtual size: 2.8MB

.data Size: 68KB - Virtual size: 79KB

.rsrc Size: 32KB - Virtual size: 32KB

.reloc Size: 19KB - Virtual size: 18KB

.text
Size: 531KB - Virtual size: 531KB

.rdata
Size: 2.8MB - Virtual size: 2.8MB

.data
Size: 68KB - Virtual size: 79KB

.rsrc
Size: 32KB - Virtual size: 32KB

.reloc
Size: 19KB - Virtual size: 18KB