935e7a12bb1d55011169787b05318b0613410ee3d76f52aac439ba171e430f63

Sharing

Copy URL Twitter E-mail

General

Target

935e7a12bb1d55011169787b05318b0613410ee3d76f52aac439ba171e430f63
Size

5.7MB
MD5

c8b5cdb911ab178a88cf02572239c8db
SHA1

6d404e8ddd9845c7abaed6d96d81297fafc7a177
SHA256

935e7a12bb1d55011169787b05318b0613410ee3d76f52aac439ba171e430f63
SHA512

490904cc99e82b05fd83a55b738504c732743be0167684f374754cf479407eb53f8dcf8a6e52f2e553ad9f92d77fd571163fbc5724be46970d03f8bfe682114a
SSDEEP

98304:Pm78icXbyAEqzePGMP4joeC1tEGXfZ17GNzV4eZllbRHe/s4kX/oJuL4nsgAh1DO:u7VZAgOMwjoZUGfSNzVRmkgmgorUn

Score

N/A

Malware Config

Signatures

Files

935e7a12bb1d55011169787b05318b0613410ee3d76f52aac439ba171e430f63
.exe windows x86

15073401df407146bb90686c5baf83a3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetProcessHeap
HeapFree
LoadLibraryA
CreateMutexA
CloseHandle
GetCurrentProcess
GetProcAddress
InterlockedCompareExchange
FileTimeToSystemTime
GetLocalTime
GetVersionExA
DeleteCriticalSection
CreateFileA
ExitThread
GetModuleHandleExW
GetCurrentThread
Sleep
VirtualProtect
DisableThreadLibraryCalls
HeapAlloc
FileTimeToLocalFileTime
HeapReAlloc
SetLastError
GetTickCount
VirtualFree
GetModuleHandleA
VirtualAlloc
FlushFileBuffers
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
CreateFileW
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
IsProcessorFeaturePresent
RtlUnwind
GetCommandLineA
InterlockedDecrement
ExitProcess
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
HeapSize
RaiseException
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
GetCurrentThreadId
WideCharToMultiByte
GetFileType
InitializeCriticalSectionAndSpinCount
GetStartupInfoW

advapi32

RegCreateKeyA
RegOpenKeyExA
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
RegCloseKey
RegEnumKeyW

user32

RedrawWindow
DestroyWindow
GetLastInputInfo
MsgWaitForMultipleObjects
PostMessageW
SendMessageA
RegisterClassExW
CreateWindowExW
CheckMenuItem
GetClientRect
GetWindowTextW
UpdateWindow
PeekMessageA
CreatePopupMenu
FindWindowA
EnumWindows
SetWindowPos
CreateWindowExA
SetForegroundWindow
GetDesktopWindow
DefWindowProcW
RegisterWindowMessageA
MessageBoxW
GetParent
GetSystemMetrics
SendMessageW
AppendMenuW
TranslateMessage
ShowWindow
TrackPopupMenu
LoadIconW

Sections

.text
Size: 456KB - Virtual size: 455KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 439KB - Virtual size: 439KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4.8MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15073401df407146bb90686c5baf83a3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 456KB - Virtual size: 455KB

.rdata Size: 439KB - Virtual size: 439KB

.data Size: 4.8MB - Virtual size: 4.8MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 29KB - Virtual size: 28KB

.text
Size: 456KB - Virtual size: 455KB

.rdata
Size: 439KB - Virtual size: 439KB

.data
Size: 4.8MB - Virtual size: 4.8MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 29KB - Virtual size: 28KB