0fa8ad0682599ef69a09798d2ca2bb4e3b5a5a76590a6f11bdb0cb0075124bd2

General

Target

0fa8ad0682599ef69a09798d2ca2bb4e3b5a5a76590a6f11bdb0cb0075124bd2
Size

378KB
MD5

2b56da7b2728e2bb3c9bcbddb585ecdd
SHA1

acca4dcc47813512c534e596d906bb80a7a02d43
SHA256

0fa8ad0682599ef69a09798d2ca2bb4e3b5a5a76590a6f11bdb0cb0075124bd2
SHA512

087aafd24a9cae6a1c140ea89e1ed6cfa27044298684792a4252e46c82337a15e9b5cc76d756c1fcefe9d3195bc78299487b0ecaaabedd36236009568c04159c
SSDEEP

6144:LLtuyS6NWFsgpAQfBGic7aCHhAAZMh486Mmk2iDLkOJ/ic/plP7K0:LLtuySfFsgpAQfBGbT2Lh4q8whhiElPH

Score

N/A

Malware Config

Signatures

Files

0fa8ad0682599ef69a09798d2ca2bb4e3b5a5a76590a6f11bdb0cb0075124bd2
.exe windows x86

7e93ea1c30b08724d10e2dd3cfaba6b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
ReadFile
SetStdHandle
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
TerminateProcess
GetCurrentProcess
GetProcAddress
GetModuleHandleA
IsBadWritePtr
IsBadReadPtr
HeapValidate
RtlUnwind
RaiseException
GetCommandLineA
GetVersionExA
GetCPInfo
LCMapStringA
GetLastError
LCMapStringW
GetStringTypeA
GetStringTypeW
DebugBreak
GetStdHandle
WriteFile
OutputDebugStringA
LoadLibraryA
GetModuleFileNameA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapAlloc
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
SetLastError
SetUnhandledExceptionFilter
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
VirtualQuery
VirtualProtect
GetSystemInfo
SetFilePointer
FlushFileBuffers
CloseHandle
GetACP
GetOEMCP
IsBadCodePtr
GetLocaleInfoW

user32

EnumWindows

shell32

SHSetLocalizedName

Sections

.text
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc7
Size: 4KB - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7e93ea1c30b08724d10e2dd3cfaba6b7

Headers

File Characteristics

Imports

kernel32

user32

shell32

Sections

.text Size: 112KB - Virtual size: 110KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 4KB - Virtual size: 10KB

.reloc7 Size: 4KB - Virtual size: 76B

.text
Size: 112KB - Virtual size: 110KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 4KB - Virtual size: 10KB

.reloc7
Size: 4KB - Virtual size: 76B