279a26c7ad6ef94d8885491e00bc586b4c4453818bc0d1b8d6b5b0c9ec4f97eb

General

Target

279a26c7ad6ef94d8885491e00bc586b4c4453818bc0d1b8d6b5b0c9ec4f97eb
Size

384KB
MD5

896055c6136c88883bd2306216e61493
SHA1

350f9fcf7edf6ea432c855aa184f5e5b2925c452
SHA256

279a26c7ad6ef94d8885491e00bc586b4c4453818bc0d1b8d6b5b0c9ec4f97eb
SHA512

e571995d5dbac9b550f03d673281e13b4115f3b1314f7ac616cbad1211cbbe983200b55ab30453bfeaff271b363b6d43af0c8438e3260ba63667a648d5cf1efb
SSDEEP

6144:vdLpYYyVtTB+NfkskG8ENrJw4G/J8BKbqlNNpUlXa4YMLqywSUC3jaegAz3IVG5n:VlYYs+j8XXdbq58jYMLqZCTfgAz3yG52

Score

N/A

Malware Config

Signatures

Files

279a26c7ad6ef94d8885491e00bc586b4c4453818bc0d1b8d6b5b0c9ec4f97eb
.exe windows x86

1a644b0fb4d808b57d54511c832cae78

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHSetLocalizedName

kernel32

GetFileType
LCMapStringW
GetCommandLineW
GetVersionExA
CreateMutexA
GetEnvironmentStringsW
CreateSemaphoreA
IsDebuggerPresent
GlobalAlloc
GetTickCount
VirtualAlloc
GetStdHandle
GetCommandLineA
LocalAlloc
CreateEventA
ReadFile
GetModuleHandleW
CreateFileA
MultiByteToWideChar
GetModuleFileNameW
SetFilePointer
HeapFree
EnterCriticalSection
LocalFree
lstrlenA
IsProcessorFeaturePresent
HeapReAlloc
HeapAlloc
HeapSize
HeapSetInformation
GetStartupInfoW
SetUnhandledExceptionFilter
GetProcAddress
ExitProcess
DecodePointer
WriteFile
FreeEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetStringTypeW
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
GetCurrentThread
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
FatalAppExitA
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryW
GetLocaleInfoW
UnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
Sleep
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
WideCharToMultiByte

netapi32

NetUserModalsSet

scarddlg

ord2

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 336KB - Virtual size: 339KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a644b0fb4d808b57d54511c832cae78

Headers

File Characteristics

Imports

shell32

kernel32

netapi32

scarddlg

Sections

.text Size: 40KB - Virtual size: 37KB

.data Size: 336KB - Virtual size: 339KB

.rsrc Size: 4KB - Virtual size: 128B

.text
Size: 40KB - Virtual size: 37KB

.data
Size: 336KB - Virtual size: 339KB

.rsrc
Size: 4KB - Virtual size: 128B