a5bad915415516d66bde2831f1565e2347094f88204c557a8b33adc5a4e0d640

Sharing

Copy URL Twitter E-mail

General

Target

a5bad915415516d66bde2831f1565e2347094f88204c557a8b33adc5a4e0d640
Size

191KB
MD5

fc166b8b5caa13343c61811410f05438
SHA1

bfe8f4ae43ca857e93758c5ed53f20b3dcd82b9b
SHA256

a5bad915415516d66bde2831f1565e2347094f88204c557a8b33adc5a4e0d640
SHA512

973495ec6f086107dc227a96b649cd1502c811702399986d0d602106f16a004cd8561c3c4547d6cdb9a0d3d2326884edacadaf86df67de35fa0934bbd04c5528
SSDEEP

3072:p1VZQFsxfF0Fy3hqEwDVT132Ag0FusRFCJqGQ:pX6FsxfFaIqzcAOuzR

Score

N/A

Malware Config

Signatures

Files

a5bad915415516d66bde2831f1565e2347094f88204c557a8b33adc5a4e0d640
.exe windows x86

20754e2e5f5df5526fd89ceaade97b49

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

LocalAlloc
GetModuleHandleA
LocalSize
LocalFree
CreateFileW
LoadLibraryA
SetEnvironmentVariableA
FormatMessageA
HeapSize
WriteConsoleW
SetStdHandle
FlushFileBuffers
GetStringTypeW
LCMapStringW
HeapReAlloc
LoadLibraryW
GetLongPathNameW
GetProcAddress
CloseHandle
GetLastError
IsValidCodePage
HeapAlloc
CompareStringW
lstrlenA
GetOEMCP
GetACP
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
WideCharToMultiByte
GetTimeZoneInformation
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
GetModuleHandleW
ExitProcess
WriteFile
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
Sleep
GetCPInfo
IsProcessorFeaturePresent
RtlUnwind
MultiByteToWideChar
ReadFile
SetFilePointer
RaiseException

user32

MessageBoxA
GetDialogBaseUnits
TrackPopupMenu
GetSubMenu
LoadMenuA
DestroyMenu
GetDC
GetWindowLongA
EndDialog
ShowWindow
CreateWindowExW
AllowSetForegroundWindow
UpdateWindow

gdi32

SetTextJustification

comdlg32

ReplaceTextA

version

GetFileVersionInfoW

comctl32

ImageList_GetDragImage
InitCommonControlsEx

wintrust

WinVerifyTrust

secur32

EnumerateSecurityPackagesA

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20754e2e5f5df5526fd89ceaade97b49

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

version

comctl32

wintrust

secur32

Sections

.text Size: 63KB - Virtual size: 63KB

.rdata Size: 57KB - Virtual size: 57KB

.data Size: 13KB - Virtual size: 21KB

.rsrc Size: 56KB - Virtual size: 55KB

.text
Size: 63KB - Virtual size: 63KB

.rdata
Size: 57KB - Virtual size: 57KB

.data
Size: 13KB - Virtual size: 21KB

.rsrc
Size: 56KB - Virtual size: 55KB