1b14547ccff1a08e018d39b72db2478ac0ffeedb4b5d19dbae21b693ac538ba4

Sharing

Copy URL Twitter E-mail

General

Target

1b14547ccff1a08e018d39b72db2478ac0ffeedb4b5d19dbae21b693ac538ba4
Size

5.9MB
MD5

d97f2cef1e5616a1f631352f1e412469
SHA1

69ed460725f91d5206a971ecd2ab825081382ea1
SHA256

1b14547ccff1a08e018d39b72db2478ac0ffeedb4b5d19dbae21b693ac538ba4
SHA512

71fa0b931f73967e65e3ed1cb84b1b45287ebe0e3294854b8133ab9ea3d58d317c62b957884a1b21f0f87d0ce62968eb71092a21c74cfe76c2ba5118df558b4f
SSDEEP

98304:sX3DnjiemAF6z92JMdbx7AcMIS5OftyE7lqtZY3A/Lvh9LCmhIMIaG/7P8:sXbmeHmTdbx7Ac9qqL0ZqAVZ1hIoG

Score

N/A

Malware Config

Signatures

Files

1b14547ccff1a08e018d39b72db2478ac0ffeedb4b5d19dbae21b693ac538ba4
.exe windows x86

7f5f8871cd0387aad31a876242d6c532

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

InitializeCriticalSection
CreateMutexA
CloseHandle
GetCurrentProcess
GetLastError
GetTickCount
GetProcAddress
LoadLibraryA
SetLastError
GetModuleHandleA
GetVersionExA
GetModuleHandleExW
Sleep
VirtualProtect
HeapFree
GetProcessHeap
GetCurrentThreadId
WaitForSingleObject
SystemTimeToFileTime
LeaveCriticalSection
HeapAlloc
VirtualFree
InterlockedCompareExchange
VirtualAlloc
FlushFileBuffers
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
HeapReAlloc
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
EnterCriticalSection
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
CreateFileW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
RtlUnwind
GetCommandLineA
InterlockedDecrement
ExitProcess
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
HeapSize
RaiseException
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
WideCharToMultiByte
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA

advapi32

RegCreateKeyExA
RegOpenKeyW
RegCloseKey
RegEnumValueA
RegQueryValueExA
RegEnumKeyW
RegQueryInfoKeyA
RegEnumKeyA

user32

SetForegroundWindow
RegisterClassExW
GetSystemMetrics
GetWindowRect
PostQuitMessage
SendMessageW
RegisterClassExA
GetMessageW
DefWindowProcW
GetParent
DispatchMessageA
SetWindowPos
BringWindowToTop
ShowWindow
TrackPopupMenu
DispatchMessageW
AppendMenuW
SendMessageA
CreateWindowExA
PostMessageW
FindWindowA
CloseDesktop
RegisterWindowMessageW
UpdateWindow
DefWindowProcA
MsgWaitForMultipleObjects
GetMessageA
EnumWindows
RedrawWindow
RegisterWindowMessageA
CheckMenuItem
MessageBoxW
LoadIconA
GetWindowTextA

Sections

.text
Size: 458KB - Virtual size: 458KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 358KB - Virtual size: 358KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5.0MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f5f8871cd0387aad31a876242d6c532

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 458KB - Virtual size: 458KB

.rdata Size: 358KB - Virtual size: 358KB

.data Size: 5.0MB - Virtual size: 5.1MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 29KB - Virtual size: 28KB

.text
Size: 458KB - Virtual size: 458KB

.rdata
Size: 358KB - Virtual size: 358KB

.data
Size: 5.0MB - Virtual size: 5.1MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 29KB - Virtual size: 28KB