134c4d74cf1bba477c7fbc3fd22f147df97c4b71b6e9761831340bd8c8b2c8f3

Sharing

Copy URL Twitter E-mail

General

Target

134c4d74cf1bba477c7fbc3fd22f147df97c4b71b6e9761831340bd8c8b2c8f3
Size

5.9MB
MD5

7af9892f967ea59ef8788fe31b1356f5
SHA1

efc96dd72d2baf5d61ea2af40ea5218b242151e1
SHA256

134c4d74cf1bba477c7fbc3fd22f147df97c4b71b6e9761831340bd8c8b2c8f3
SHA512

d56906af9333eb9084e342e0f93234cbd9331af6de62ce5c183abeaafc31efca30001d941e84aa8d16ac541c860d8fc434f7bcc5bc2dc759e6651562d64641b4
SSDEEP

98304:+u0CmGG8agV9EaLuYZhDthg5eu3LP06JHaQti55NT4yCcVHoA1NPWr:UiEQughzWQ5Ai5DMytVv1

Score

N/A

Malware Config

Signatures

Files

134c4d74cf1bba477c7fbc3fd22f147df97c4b71b6e9761831340bd8c8b2c8f3
.exe windows x86

79a229b04410687f704348580c4648e3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ExitThread
ExitProcess
GetProcessHeap
HeapAlloc
HeapFree
LoadLibraryA
CreateMutexA
CloseHandle
GetCurrentProcess
GetLastError
CreateFileW
GetTickCount
InterlockedCompareExchange
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SetLastError
GetModuleHandleA
GetVersionExA
ReadFile
EnterCriticalSection
GetModuleHandleExW
VirtualProtect
GetCurrentThread
GetLocalTime
ResumeThread
IsBadReadPtr
LeaveCriticalSection
Sleep
VirtualFree
GetProcAddress
VirtualAlloc
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
HeapReAlloc
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
FlushFileBuffers
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetStartupInfoW
IsProcessorFeaturePresent
RtlUnwind
GetCommandLineA
InterlockedDecrement
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
HeapSize
RaiseException
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
GetCurrentThreadId
WideCharToMultiByte
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection

advapi32

RegEnumKeyA
RegEnumKeyExW
RegQueryValueW
RegQueryValueExW
RegCloseKey
RegEnumValueA
RegQueryInfoKeyA

user32

DestroyWindow
PostMessageW
CheckMenuItem
FindWindowW
DispatchMessageA
AppendMenuA
DefWindowProcW
PostMessageA
GetLastInputInfo
UpdateWindow
SetWindowPos
LoadIconW
RegisterWindowMessageA
TrackPopupMenu
SendMessageW
SendMessageA
RegisterClassExW
LoadIconA
RedrawWindow
GetWindowTextA
GetWindowRect
GetWindowTextW
MsgWaitForMultipleObjects
SetForegroundWindow
RegisterWindowMessageW
GetDesktopWindow
PostQuitMessage
RegisterClassExA
GetSystemMetrics
ShowWindow
EnumWindows
TranslateMessage
CreateWindowExA

Sections

.text
Size: 532KB - Virtual size: 531KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 500KB - Virtual size: 499KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79a229b04410687f704348580c4648e3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 532KB - Virtual size: 531KB

.rdata Size: 500KB - Virtual size: 499KB

.data Size: 4.9MB - Virtual size: 4.9MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 30KB - Virtual size: 29KB

.text
Size: 532KB - Virtual size: 531KB

.rdata
Size: 500KB - Virtual size: 499KB

.data
Size: 4.9MB - Virtual size: 4.9MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 30KB - Virtual size: 29KB