2f2e290deac82e778fa606d070a923f3b924c75a0d268da0484ee52e31af2979

Sharing

Copy URL Twitter E-mail

General

Target

2f2e290deac82e778fa606d070a923f3b924c75a0d268da0484ee52e31af2979
Size

5.9MB
MD5

171ca43cce848f1fd4bedbb383e1edcc
SHA1

d25a20d0a18983c4f2e2192ab924e2059e82b695
SHA256

2f2e290deac82e778fa606d070a923f3b924c75a0d268da0484ee52e31af2979
SHA512

d0b0c6ad8037d86298ba2cbd12cd99a915958dd00a9354263dd36650a50a1afd16795620d60fdb582a8805f2b3afa951e53091c8fd2f3c78eb4413f252b977ab
SSDEEP

98304:PW0ankuzrlDwVHO3Iwev+qpyTRPUl1vgFr5uxXEUk7l8jUmPp+azhiT3RrSMmdIJ:PW0ankuPlDwVHO3IwemlTRSoV8EUkVul

Score

N/A

Malware Config

Signatures

Files

2f2e290deac82e778fa606d070a923f3b924c75a0d268da0484ee52e31af2979
.exe windows x86

c3650452f83346fb834d41537438e226

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
CloseHandle
GetCurrentProcess
GetTickCount
GetProcAddress
InterlockedCompareExchange
SetLastError
GetModuleHandleA
LoadLibraryA
FileTimeToSystemTime
CreateFileW
GetCurrentThread
GetModuleHandleExW
Sleep
DuplicateHandle
VirtualProtect
HeapReAlloc
HeapFree
HeapAlloc
ExitProcess
GetProcessHeap
DeleteCriticalSection
ResumeThread
LocalFileTimeToFileTime
LeaveCriticalSection
WaitForSingleObject
GetLastError
VirtualFree
GetVersionExA
VirtualAlloc
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
EnterCriticalSection
GetModuleHandleW
TlsFree
TlsSetValue
FlushFileBuffers
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
RtlUnwind
GetCommandLineA
InterlockedDecrement
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
HeapSize
RaiseException
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
GetCurrentThreadId
WideCharToMultiByte
GetFileType
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId

advapi32

RegEnumValueA
RegCreateKeyW
RegQueryValueW
RegOpenKeyW
RegEnumKeyA
RegOpenKeyExW
RegEnumValueW
RegEnumKeyExA
RegQueryInfoKeyA
RegCreateKeyExW

user32

SendMessageA
PeekMessageW
GetClientRect
SetFocus
PostMessageW
RegisterClassExW
CheckMenuItem
RegisterWindowMessageA
GetWindowRect
SendMessageW
AppendMenuA
TrackPopupMenu
CreatePopupMenu
EnumWindows
GetLastInputInfo
BringWindowToTop
SetForegroundWindow
GetMessageW
UpdateWindow
CloseDesktop
RegisterWindowMessageW
SetWindowPos
TranslateMessage
CreateWindowExW
DefWindowProcW
PeekMessageA
RegisterClassExA
GetDesktopWindow
RedrawWindow
ShowWindow
PostQuitMessage

Sections

.text
Size: 516KB - Virtual size: 515KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 413KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3650452f83346fb834d41537438e226

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 516KB - Virtual size: 515KB

.rdata Size: 413KB - Virtual size: 412KB

.data Size: 5.0MB - Virtual size: 5.0MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 30KB - Virtual size: 29KB

.text
Size: 516KB - Virtual size: 515KB

.rdata
Size: 413KB - Virtual size: 412KB

.data
Size: 5.0MB - Virtual size: 5.0MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 30KB - Virtual size: 29KB