98b2c86cb83d5ea790d7d61f175fd33f5a1d069cf2de3c8499d30f479b8b46b2

Sharing

Copy URL

Twitter E-mail

General

Target

98b2c86cb83d5ea790d7d61f175fd33f5a1d069cf2de3c8499d30f479b8b46b2
Size

6.0MB
MD5

100b99f7bc89b82a4dd5a328d28ad2c6
SHA1

6713f0680d10349ea4dfccd9b2aed561e3999e34
SHA256

98b2c86cb83d5ea790d7d61f175fd33f5a1d069cf2de3c8499d30f479b8b46b2
SHA512

8e4b520d45c8730244de71619dff422bd46457d639986fcca126b212d84b460bc769791ebb1f989a83a3c6d7d37bab62fe18c10573e6c7bcbb13c2664eb4b064
SSDEEP

98304:kevyjt4HDd7Vl4twi5VIa34s5Hfvtr/62Y6tPYlJpZGCvJpv9bORq0:zvzHpBm6sIw3tTGJpzw

Score

N/A

Malware Config

Signatures

Files

98b2c86cb83d5ea790d7d61f175fd33f5a1d069cf2de3c8499d30f479b8b46b2
.exe windows x86

4be735a36c093ec59026bd229f9573ed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
GetLastError
ExitProcess
FileTimeToLocalFileTime
GetProcAddress
InterlockedCompareExchange
GetModuleHandleA
SetLastError
GetModuleHandleExW
Sleep
VirtualProtect
EnterCriticalSection
HeapReAlloc
GetTickCount
GetCurrentProcess
CloseHandle
CreateMutexA
LoadLibraryA
HeapFree
HeapAlloc
GetProcessHeap
ExitThread
VirtualFree
GetVersionExA
VirtualAlloc
FlushFileBuffers
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
LeaveCriticalSection
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
CreateFileW
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
RtlUnwind
GetCommandLineA
InterlockedDecrement
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
HeapSize
RaiseException
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
GetCurrentThreadId
WideCharToMultiByte
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId

advapi32

RegEnumKeyW
RegCloseKey
RegEnumKeyA
RegQueryValueExW
RegCreateKeyExW
RegQueryValueExA
RegQueryValueA
RegEnumValueA
RegOpenKeyW
RegCreateKeyA

user32

SetForegroundWindow
PeekMessageW
GetWindowTextW
EnumWindows
GetDesktopWindow
CreatePopupMenu
DestroyWindow
GetWindowRect
LoadIconW
SetWindowPos
PostQuitMessage
TrackPopupMenu
RegisterWindowMessageA
GetWindowTextA
RegisterClassExW
RedrawWindow
GetLastInputInfo
UpdateWindow
SendMessageW
PeekMessageA
ShowWindow
TranslateMessage
SendMessageA
GetParent
FindWindowA
RegisterWindowMessageW
GetMessageW
DispatchMessageW
SetFocus
LoadIconA
RegisterClassExA
MsgWaitForMultipleObjects

Sections

.text
Size: 434KB - Virtual size: 433KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 385KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4be735a36c093ec59026bd229f9573ed

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 434KB - Virtual size: 433KB

.rdata Size: 385KB - Virtual size: 384KB

.data Size: 5.1MB - Virtual size: 5.1MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 29KB - Virtual size: 29KB

.text
Size: 434KB - Virtual size: 433KB

.rdata
Size: 385KB - Virtual size: 384KB

.data
Size: 5.1MB - Virtual size: 5.1MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 29KB - Virtual size: 29KB