087269f159018f5ea66f5d11752bc54a8741bcd178190d60d796b291f7f0ed9f

Sharing

Copy URL Twitter E-mail

General

Target

087269f159018f5ea66f5d11752bc54a8741bcd178190d60d796b291f7f0ed9f
Size

524KB
MD5

c3dfe914eee2a9c36e15938787b269f6
SHA1

da36568bc17b7b3cb5c6e03ffabe89b4c0934f78
SHA256

087269f159018f5ea66f5d11752bc54a8741bcd178190d60d796b291f7f0ed9f
SHA512

4117bd866ccfbed255e69e6836f236355d3a8a9f4a7b06191cd2db0b7ff000787be7e5a1bbd12c249611deed52654c20c06df422bdf12c7e2a55a6469437feca
SSDEEP

12288:akJi7ZuVFERG9Hkhtb/ymBC5D7n10VFXcsI:PgZuLUvDb/yuCku

Score

N/A

Malware Config

Signatures

Files

087269f159018f5ea66f5d11752bc54a8741bcd178190d60d796b291f7f0ed9f
.exe windows x86

555cbd6dc07e86b3cd56975fe61f1a6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateThread
SetThreadPriority
SleepEx
WaitForSingleObjectEx
GetUserDefaultLangID
QueryPerformanceFrequency
IsProcessorFeaturePresent
Sleep
InitializeCriticalSection
TlsAlloc
TlsFree
TlsSetValue
GetVersionExA
CreateFileA
lstrlenA
TlsGetValue
GetProcessHeap
HeapAlloc
ReadProcessMemory
LeaveCriticalSection
GetDriveTypeA
SetFilePointer
FlushFileBuffers
GetExitCodeThread
FreeLibrary
TerminateProcess
CreateEventA
VirtualFree
WaitForMultipleObjectsEx
GetLastError
ResetEvent
CloseHandle
LocalAlloc
SetEvent
GetStartupInfoA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
SetCurrentDirectoryW
QueryPerformanceCounter
lstrlenW
lstrcpyW
lstrcatW
lstrcpynW
WideCharToMultiByte
GetSystemDirectoryW
lstrcmpW
lstrcmpA
lstrcpyA
OutputDebugStringA
CreateSemaphoreA
GetLocalTime
CreateDirectoryA
GetFileSize
GetFileAttributesA
FindFirstFileA
FindNextFileA
FindClose
DeleteFileA
ReadFileEx
WriteFileEx
GetOverlappedResult
MoveFileA
GetStartupInfoW
GetSystemTimes
GetModuleHandleA
ExitThread

user32

GetClientRect
IsWindowEnabled
IsChild
GetWindowModuleFileNameA
SetForegroundWindow
EnableWindow
DestroyWindow
UnregisterClassW
GetSystemMetrics
RegisterClassW
LoadCursorW
LoadIconW
GetKeyState
GetKeyboardLayoutList
ActivateKeyboardLayout

advapi32

RegDeleteKeyA
RegEnumKeyExA
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

msvcrt

printf
exit

imm32

ImmGetGuideLineW
ImmCreateContext
ImmAssociateContext
ImmSetOpenStatus
ImmDisableTextFrameService
ImmGetContext
ImmReleaseContext
ImmGetConversionStatus
ImmGetCandidateListW
ImmSimulateHotKey
ImmGetIMEFileNameW
ImmGetOpenStatus
ImmNotifyIME

Sections

.text
Size: 440KB - Virtual size: 438KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 76KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

555cbd6dc07e86b3cd56975fe61f1a6b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

imm32

Sections

.text Size: 440KB - Virtual size: 438KB

.idata Size: 4KB - Virtual size: 3KB

.data Size: 76KB - Virtual size: 82KB

.text
Size: 440KB - Virtual size: 438KB

.idata
Size: 4KB - Virtual size: 3KB

.data
Size: 76KB - Virtual size: 82KB