49499243f1a4e3ac70a9f7ebcc80435881e370e8252f44facbfa332b6d5b1f48

General

Target

49499243f1a4e3ac70a9f7ebcc80435881e370e8252f44facbfa332b6d5b1f48
Size

114KB
MD5

5aacb371bfbe1b3670f9833a88a6c2d9
SHA1

d6c7b30ec2b748d3542664a1557d4b9277294f22
SHA256

49499243f1a4e3ac70a9f7ebcc80435881e370e8252f44facbfa332b6d5b1f48
SHA512

817361b53e7f1df2153ae21772621f9a24262ca922125d833360106e7f713a8082586def37611912ec8e123eca5f5b15d90bae77171d74a575bbee91a9444d36
SSDEEP

1536:tD14VQPdqke6/0XdWjZdmY970W790DC+BU5rB3KSvgyWV233xA8CglxR4023:PqZyZkQPeU5rBahy53xA8X

Score

N/A

Malware Config

Signatures

Files

49499243f1a4e3ac70a9f7ebcc80435881e370e8252f44facbfa332b6d5b1f48
.exe windows x86

459c4df8b51ab936f306233bf959b607

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

GetCurrentProcessId
Sleep
GetStringTypeW
GetStringTypeA
LCMapStringW
GetModuleHandleW
GetModuleHandleA
HeapWalk
MoveFileA
LoadLibraryA
HeapSize
GetProcAddress
SetLastError
GetLastError
ExitProcess
MultiByteToWideChar
LCMapStringA
GetLocaleInfoA
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSectionAndSpinCount
HeapReAlloc
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

459c4df8b51ab936f306233bf959b607

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 59KB - Virtual size: 58KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 36KB - Virtual size: 39KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 59KB - Virtual size: 58KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 36KB - Virtual size: 39KB

.rsrc
Size: 10KB - Virtual size: 9KB