65383b43b7f59502c385f709ce399c266c932a1d2154675d3f9221090b7997c2

Sharing

Copy URL Twitter E-mail

General

Target

65383b43b7f59502c385f709ce399c266c932a1d2154675d3f9221090b7997c2
Size

6.0MB
MD5

f00fe4f938c0be4cc4d49288b71d5c3e
SHA1

81732f6eddfc82ed243d87516b9bad4d5345e663
SHA256

65383b43b7f59502c385f709ce399c266c932a1d2154675d3f9221090b7997c2
SHA512

d4bba653eccbda819378cd59f2b622a2d7a30d820ddca9fdef5cc436b9594bd326adabbd1d1142c378f919b596511b15ef729a589e405e6bb47f1a5b4f0d29a5
SSDEEP

196608:PCTvBM4PSdy9lVgimDGqx1NMVAruSUEE7kw1:PCDB1PmeqLaqxrMyS7Emk

Score

N/A

Malware Config

Signatures

Files

65383b43b7f59502c385f709ce399c266c932a1d2154675d3f9221090b7997c2
.exe windows x86

71e71edba675007094def3f5baa3c43e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetProcessHeap
HeapAlloc
HeapFree
LoadLibraryA
CreateMutexA
CloseHandle
GetCurrentThread
FileTimeToLocalFileTime
GetCurrentProcess
FileTimeToSystemTime
IsBadReadPtr
GetProcAddress
InterlockedCompareExchange
SetLastError
ExitProcess
GetModuleHandleA
GetVersionExA
GetModuleHandleExW
Sleep
VirtualProtect
HeapReAlloc
ExitThread
GetLastError
InitializeCriticalSection
ResumeThread
GetCurrentThreadId
CreateFileW
VirtualFree
GetTickCount
VirtualAlloc
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
FlushFileBuffers
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsProcessorFeaturePresent
RtlUnwind
GetCommandLineA
InterlockedDecrement
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
HeapSize
RaiseException
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
WideCharToMultiByte
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime

advapi32

RegCreateKeyExW
RegQueryInfoKeyA
RegEnumKeyW
RegCreateKeyW
RegOpenKeyExA
RegCreateKeyA
RegCreateKeyExA
RegEnumValueA

user32

RedrawWindow
SendMessageA
UpdateWindow
RegisterWindowMessageW
PostMessageW
GetMessageA
RegisterWindowMessageA
PostQuitMessage
BringWindowToTop
MessageBoxA
DestroyWindow
GetWindowRect
DefWindowProcA
SendMessageW
GetDlgItem
LoadIconW
GetLastInputInfo
FindWindowA
MsgWaitForMultipleObjects
CheckMenuItem
AppendMenuA
SetForegroundWindow
TrackPopupMenu
GetDesktopWindow
AppendMenuW
PeekMessageA
GetWindowTextW
EnumWindows
RegisterClassExW
SetWindowPos

Sections

.text
Size: 548KB - Virtual size: 547KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 552KB - Virtual size: 551KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71e71edba675007094def3f5baa3c43e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 548KB - Virtual size: 547KB

.rdata Size: 552KB - Virtual size: 551KB

.data Size: 4.9MB - Virtual size: 4.9MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 29KB - Virtual size: 29KB

.text
Size: 548KB - Virtual size: 547KB

.rdata
Size: 552KB - Virtual size: 551KB

.data
Size: 4.9MB - Virtual size: 4.9MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 29KB - Virtual size: 29KB