84042388e4d463d1c6394a5f5198c407660d9840a3d819f1bc9df9557e86e069

Sharing

Copy URL

Twitter E-mail

General

Target

84042388e4d463d1c6394a5f5198c407660d9840a3d819f1bc9df9557e86e069
Size

270KB
MD5

8fefad69375f755b613c250cc330d32f
SHA1

e869f4e3146afc95ca7569377b5918988e82c52b
SHA256

84042388e4d463d1c6394a5f5198c407660d9840a3d819f1bc9df9557e86e069
SHA512

ac51978c6cf2bf1c301aad402b0957cae4185204fa17a8bb0bdaa7f2875910a6ad7dfd2034a29be8c1d427263dd9d31555cf318464fa2b43367d10eb0c6c7c76
SSDEEP

3072:PRA+PsLBcE/SbiCf+0unNZTqUNh8vTRAyxfO3QHeyYPX9nlOvyGJLKQrtdA/5MoH:PRTHwSbL+0KD2R1W3QHeyC9+jJLzHAR

Score

N/A

Malware Config

Signatures

Files

84042388e4d463d1c6394a5f5198c407660d9840a3d819f1bc9df9557e86e069
.exe windows x86

64c607a556177c2d336126b90dc6fffc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
InitializeCriticalSection
GetACP
HeapSize
IsValidCodePage
CompareStringA
GetCurrentThreadId
IsValidLocale
GetFileType
GetCurrentProcess
GetEnvironmentStrings
Sleep
HeapAlloc
HeapDestroy
GetLocaleInfoA
GetStringTypeA
GetVersionExA
TlsGetValue
VirtualAlloc
QueryPerformanceCounter
GetModuleFileNameW
SetLastError
FreeEnvironmentStringsW
GetCommandLineA
GetStartupInfoW
SetEnvironmentVariableA
FreeEnvironmentStringsA
GetProcAddress
RtlUnwind
DeleteCriticalSection
LoadLibraryA
WideCharToMultiByte
EnumSystemLocalesA
LCMapStringA
ExitProcess
GetModuleFileNameA
MultiByteToWideChar
GetLastError
HeapReAlloc
TerminateProcess
SetHandleCount
TlsFree
HeapFree
GetSystemTimeAsFileTime
WriteFile
GetStringTypeW
GetCommandLineW
InterlockedIncrement
GetTimeFormatA
GetCurrentThread
TlsAlloc
SetConsoleCtrlHandler
LCMapStringW
GetCPInfo
SetConsoleTitleA
SetUnhandledExceptionFilter
GetLocaleInfoW
GetStartupInfoA
CompareStringW
HeapCreate
LeaveCriticalSection
VirtualQuery
GetModuleHandleA
TlsSetValue
GetOEMCP
IsDebuggerPresent
GetDateFormatA
FileTimeToSystemTime
GetEnvironmentStringsW
FreeLibrary
GetUserDefaultLCID
GetCurrentProcessId
InterlockedDecrement
SetConsoleOutputCP
GetTimeZoneInformation
GetStdHandle
GetProcessHeap
GetTickCount
UnhandledExceptionFilter
EnterCriticalSection
InterlockedExchange

comdlg32

ReplaceTextA
ChooseFontA

shell32

ShellAboutA
DoEnvironmentSubstW
SHFileOperation
SHEmptyRecycleBinA

user32

UpdateWindow
SetMessageQueue
CreateIconFromResourceEx
LoadBitmapW
TrackMouseEvent
MapVirtualKeyExA

advapi32

InitializeSecurityDescriptor
RegLoadKeyA
RegRestoreKeyW

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64c607a556177c2d336126b90dc6fffc

Headers

File Characteristics

Imports

kernel32

comdlg32

shell32

user32

advapi32

Sections

.text Size: 114KB - Virtual size: 114KB

.rdata Size: 8KB - Virtual size: 36KB

.data Size: 138KB - Virtual size: 138KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 114KB - Virtual size: 114KB

.rdata
Size: 8KB - Virtual size: 36KB

.data
Size: 138KB - Virtual size: 138KB

.rsrc
Size: 7KB - Virtual size: 7KB