a226c496d3288f14f3a17fe4297bc97251d970f6813e4f68ba31b62a0be0cc69

Sharing

Copy URL

Twitter E-mail

General

Target

a226c496d3288f14f3a17fe4297bc97251d970f6813e4f68ba31b62a0be0cc69
Size

797KB
MD5

fc106a133d944735dd3f5dd17c2ec946
SHA1

10c219c791e80f5d14514735679ef3c28a233fda
SHA256

a226c496d3288f14f3a17fe4297bc97251d970f6813e4f68ba31b62a0be0cc69
SHA512

6d9f7c6dda94dd93d7d9f0697db42d6b0706eda59bbd41c77ad6b151f2c0865364dc239aff8714727a70c6b43891f758d999f15c643dd35231144e3bafb94f3a
SSDEEP

12288:oXj0wfPcSE/DmTIVHWwVn8kLoiZEnO+tES29AG4B4cI6vLEzShGBKD:sXMDZoiAtESAeHTLFqk

Score

N/A

Malware Config

Signatures

Files

a226c496d3288f14f3a17fe4297bc97251d970f6813e4f68ba31b62a0be0cc69
.exe windows x86

5e3f590c8862b6933a2e192fa475bcbd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReplaceFileA
GetFullPathNameW
CreateTimerQueue
CreateEventW
SetThreadExecutionState
GetThreadLocale
GetConsoleAliasExesLengthW
GetDriveTypeW
DeleteTimerQueue
Module32NextW
GetPrivateProfileStructA
DeleteTimerQueueEx
CreateNamedPipeW
ReleaseSemaphore
QueryInformationJobObject
ReleaseMutex
FindFirstVolumeMountPointA
GetThreadTimes
ConvertDefaultLocale
GetCurrentDirectoryA
ExpandEnvironmentStringsW
GetProfileSectionA
GetVolumeInformationW
GetFileSize
GetCompressedFileSizeA
GetThreadPriority
OpenThread
GetProcAddress
SetHandleInformation
AssignProcessToJobObject
GetEnvironmentStrings
OpenWaitableTimerA
GetModuleHandleA
GetConsoleCursorInfo
CreateDirectoryExW
GetNamedPipeHandleStateA
OpenFileMappingA
FindResourceExW
ProcessIdToSessionId
GetWindowsDirectoryA
FoldStringA
GetConsoleOutputCP
OpenSemaphoreA
OpenJobObjectW
LCMapStringW
CreateSemaphoreA
GetPrivateProfileStringW
GetUserDefaultUILanguage
VirtualAlloc
GetStringTypeW
MultiByteToWideChar
GetCommandLineA
HeapSetInformation
SetUnhandledExceptionFilter
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
HeapFree
Sleep
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
HeapSize
HeapAlloc
HeapReAlloc
IsProcessorFeaturePresent

user32

RedrawWindow

Sections

.text
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 506KB - Virtual size: 836KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e3f590c8862b6933a2e192fa475bcbd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 252KB - Virtual size: 251KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 506KB - Virtual size: 836KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 252KB - Virtual size: 251KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 506KB - Virtual size: 836KB

.rsrc
Size: 5KB - Virtual size: 5KB