c34bb1e07ac26d5af5bd8ca2172b2184b114a74ebb7e36a11684a5d426192e59

Sharing

Copy URL Twitter E-mail

General

Target

c34bb1e07ac26d5af5bd8ca2172b2184b114a74ebb7e36a11684a5d426192e59
Size

178KB
MD5

b7402beb076d44a405634df5a1b9f596
SHA1

851926f869f06300fb6cfe5596a91c3c0ecc0e47
SHA256

c34bb1e07ac26d5af5bd8ca2172b2184b114a74ebb7e36a11684a5d426192e59
SHA512

381ad2e054c226382f4ae3a0ac2490e9dd252e9e0c1e2720cc9b1e3804c61c369219e23c65d0f181f0c5b861177b537d80dccacd636e58378026b43ea2b38c8d
SSDEEP

3072:mfW5YECULPECXHGx/yIcah5kH0Gr/5XfXxl3gB:muS2PECXHGmXH0G9vXxWB

Score

N/A

Malware Config

Signatures

Files

c34bb1e07ac26d5af5bd8ca2172b2184b114a74ebb7e36a11684a5d426192e59
.exe windows x86

8ff36ab0f3193a12731857098202c110

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnumDisplayDevicesA
SystemParametersInfoA
SetCursor
IsWindowVisible
VkKeyScanExA
IsDlgButtonChecked
MapVirtualKeyW
RegisterClipboardFormatW
GetMenuItemInfoW
IsRectEmpty
RedrawWindow

dbghelp

EnumerateLoadedModules64
FindFileInSearchPath
SymGetModuleInfoW
SymEnumSymbols
GetTimestampForLoadedLibrary
EnumerateLoadedModules
FindExecutableImage

kernel32

SetConsoleMode
ReadConsoleInputA
CreateFileW
CloseHandle
WriteConsoleW
SetStdHandle
SetEnvironmentVariableA
CompareStringW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetFilePointer
HeapSize
LoadLibraryW
HeapQueryInformation
GetLastError
GetProcessHeap
GlobalMemoryStatusEx
GetStdHandle
SetCommState
LCMapStringA
WaitNamedPipeA
ReadConsoleA
CreateConsoleScreenBuffer
InterlockedDecrement
InterlockedIncrement
GetTimeFormatA
GetDateFormatA
HeapReAlloc
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId
GetProcAddress
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetACP
GetOEMCP
IsValidCodePage
Sleep
GetUserDefaultLCID
GetLocaleInfoW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
GetTimeZoneInformation
HeapCreate
ExitProcess
WriteFile
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LCMapStringW
RtlUnwind
IsProcessorFeaturePresent

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gbohgrb
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8ff36ab0f3193a12731857098202c110

Headers

DLL Characteristics

File Characteristics

Imports

user32

dbghelp

kernel32

Sections

.text Size: 57KB - Virtual size: 56KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 18KB

.rsrc Size: 99KB - Virtual size: 127KB

gbohgrb Size: - Virtual size: 4KB

.text
Size: 57KB - Virtual size: 56KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 18KB

.rsrc
Size: 99KB - Virtual size: 127KB

gbohgrb
Size: - Virtual size: 4KB