13b30119e2b3d8f001aabb262acc9825cdf046290369812354b4f7301e4d61ec

Sharing

Copy URL Twitter E-mail

General

Target

13b30119e2b3d8f001aabb262acc9825cdf046290369812354b4f7301e4d61ec
Size

469KB
MD5

6657e9c1793e2653a02138fdfe1f6496
SHA1

787814f55bb5e44125d34d017236735169831073
SHA256

13b30119e2b3d8f001aabb262acc9825cdf046290369812354b4f7301e4d61ec
SHA512

a158be5acc6d1f9fb750a83bc51b487bd20e303f1e443b4dd624310b8efaef8c9cedf0511db4807781dda606d76f95015356914e3eb434cd051bad0cbece9e98
SSDEEP

12288:BfkFUSkbbiAtV5LTAGpeRcARZE4NlDFtQAvBkuDQSzQC:BfkFGbbihQwE4NT5qwQC

Score

N/A

Malware Config

Signatures

Files

13b30119e2b3d8f001aabb262acc9825cdf046290369812354b4f7301e4d61ec
.exe windows x86

57af1f870a5c1c7d61f2aa4353a13ce0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteW

ole32

CoUninitialize
CLSIDFromProgID
CoInitialize
CoCreateInstance

gdi32

GetStockObject

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

CreateFileA
SetStdHandle
lstrcmpW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
OpenThread
ReadConsoleOutputAttribute
GetProfileIntW
lstrlenW
GetStringTypeExW
FatalAppExitA
HeapReAlloc
HeapSize
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
OpenEventW
LoadLibraryA
RaiseException
DeviceIoControl
GetCurrentDirectoryW
QueryDosDeviceW
GetLogicalDriveStringsW
GetVolumeInformationW
ReadFile
GetExitCodeProcess
GetDiskFreeSpaceExW
GetDriveTypeW
Sleep
WaitForSingleObject
GetCommandLineW
GetDateFormatW
GetTimeFormatW
GlobalAlloc
GlobalFree
SetLastError
CreateMutexW
OpenMutexW
ReleaseMutex
CopyFileW
IsValidLocale
GetModuleFileNameW
SetCurrentDirectoryW
GetPrivateProfileIntW
GetPrivateProfileSectionW
GetWindowsDirectoryW
CreateProcessW
LoadLibraryW
FreeLibrary
GetCurrentProcess
GetVersionExA
GetPrivateProfileStringW
GetModuleHandleA
GetProcAddress
MultiByteToWideChar
FormatMessageA
DeleteFileW
CreateFileW
SetFilePointer
WideCharToMultiByte
lstrlenA
WriteFile
GetProcessHeap
HeapAlloc
HeapFree
GetTempPathW
FindNextFileW
CloseHandle
CreateDirectoryW
ExpandEnvironmentStringsW
GetFullPathNameW
GetSystemDirectoryW
FindFirstFileW
FindClose
GetFileAttributesW
FormatMessageW
LocalReAlloc
LocalAlloc
GetLastError
lstrcmpiW
LocalFree
VirtualAlloc
GetCommandLineA
EnterCriticalSection
LeaveCriticalSection
IsDebuggerPresent
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
HeapCreate
VirtualFree
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 353KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57af1f870a5c1c7d61f2aa4353a13ce0

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ole32

gdi32

version

kernel32

Sections

.text Size: 73KB - Virtual size: 73KB

.rdata Size: 33KB - Virtual size: 32KB

.data Size: 9KB - Virtual size: 176KB

.rsrc Size: 353KB - Virtual size: 352KB

.text
Size: 73KB - Virtual size: 73KB

.rdata
Size: 33KB - Virtual size: 32KB

.data
Size: 9KB - Virtual size: 176KB

.rsrc
Size: 353KB - Virtual size: 352KB