8dec5f9a9e960910574c46aae8416f2c3f71578b7eb64e764c595479dfa8fce5

Sharing

Copy URL Twitter E-mail

General

Target

8dec5f9a9e960910574c46aae8416f2c3f71578b7eb64e764c595479dfa8fce5
Size

5.7MB
MD5

c328c908480e1de02efd0150730881a8
SHA1

86a04c1763c1430e7ee3f7ca1cb9b745f33427cc
SHA256

8dec5f9a9e960910574c46aae8416f2c3f71578b7eb64e764c595479dfa8fce5
SHA512

7b576282bcff0cef489227393250d70d8bd410ea4edc129020715764b9bf9a303b8c67969b741562ce6d291cec8337f5a3411cfc4b5368089207eb61bd8baef0
SSDEEP

98304:NqoYS9RYK7pi+RnmTRrgtUKgG3r8jl+E5WumgGiaDVX2UXe6TL3zcsIYmVKESmG2:NqbPkpbGr6i68jlJWuyiMVXX3TL3FIYe

Score

N/A

Malware Config

Signatures

Files

8dec5f9a9e960910574c46aae8416f2c3f71578b7eb64e764c595479dfa8fce5
.exe windows x86

fc4287963fb53d4641fe2866b34788b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
LoadLibraryA
CreateMutexA
CloseHandle
GetCurrentProcess
GetLastError
LeaveCriticalSection
GetTickCount
GetProcAddress
InterlockedCompareExchange
HeapAlloc
GetModuleHandleA
GetVersionExA
DuplicateHandle
GetModuleHandleExW
Sleep
DeleteCriticalSection
VirtualProtect
GetCurrentProcessId
GetProcessHeap
CreateFileA
CreateFileW
HeapReAlloc
GetLocalTime
EnterCriticalSection
WaitForSingleObject
FileTimeToLocalFileTime
SetLastError
VirtualFree
ExitThread
VirtualAlloc
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
FlushFileBuffers
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetModuleFileNameA
GetStartupInfoW
IsProcessorFeaturePresent
RtlUnwind
GetCommandLineA
InterlockedDecrement
ExitProcess
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
HeapSize
RaiseException
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
GetCurrentThreadId
WideCharToMultiByte
GetFileType
InitializeCriticalSectionAndSpinCount

advapi32

RegOpenKeyW
RegOpenKeyExA
RegEnumKeyExW
RegCreateKeyA
RegEnumKeyExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyA

user32

GetWindowTextA
SendMessageW
GetClientRect
TranslateMessage
MsgWaitForMultipleObjects
RegisterClassExA
GetMessageW
RegisterWindowMessageW
CreatePopupMenu
CreateWindowExA
PostMessageW
FindWindowA
SetForegroundWindow
GetLastInputInfo
GetWindowRect
SendMessageA
UpdateWindow
SetWindowPos
TrackPopupMenu
FindWindowW
RegisterWindowMessageA
CheckMenuItem
GetDlgItem
GetSystemMetrics
MessageBoxW
DefWindowProcW
PostQuitMessage
PostMessageA
LoadIconW
AppendMenuW

Sections

.text
Size: 447KB - Virtual size: 446KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 396KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc4287963fb53d4641fe2866b34788b2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 447KB - Virtual size: 446KB

.rdata Size: 396KB - Virtual size: 396KB

.data Size: 4.9MB - Virtual size: 4.9MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 29KB - Virtual size: 28KB

.text
Size: 447KB - Virtual size: 446KB

.rdata
Size: 396KB - Virtual size: 396KB

.data
Size: 4.9MB - Virtual size: 4.9MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 29KB - Virtual size: 28KB