88d839a4de55c0165dcf1ccbe44ff7d8a4bc0c27a3f8ed13325c57c4b5d37999

Sharing

Copy URL Twitter E-mail

General

Target

88d839a4de55c0165dcf1ccbe44ff7d8a4bc0c27a3f8ed13325c57c4b5d37999
Size

5.8MB
MD5

0f26df3c5fa74e4a6e21440ee8b666a9
SHA1

a78cbb77fb9f5a414d2e506de04ed593fd8b5062
SHA256

88d839a4de55c0165dcf1ccbe44ff7d8a4bc0c27a3f8ed13325c57c4b5d37999
SHA512

70a68086fe0230459d26371bcad91fbcdc36cd1f6b00eda18da153d4bf6375ebadd17d257666999315a45462003f8747821d9d3aacb8af3a18ed0e55aab9c8b8
SSDEEP

98304:6yE+E6hWNhFaq6FquI78z1jF1JUZBD1BUvcXLrJrS8runIKj5JUjOTI:6yE+EbNhgbICFFMD1BLJ+425iw

Score

N/A

Malware Config

Signatures

Files

88d839a4de55c0165dcf1ccbe44ff7d8a4bc0c27a3f8ed13325c57c4b5d37999
.exe windows x86

76398358eae0700f5f5b1ab1286a39ff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetProcessHeap
HeapFree
LoadLibraryA
CreateMutexA
CloseHandle
GetCurrentProcess
GetTickCount
GetProcAddress
ExitProcess
CreateFileW
GetModuleHandleA
GetVersionExA
GetModuleHandleExW
Sleep
VirtualProtect
WaitForSingleObjectEx
GetCurrentThread
InitializeCriticalSection
CreateFileA
SystemTimeToFileTime
SetLastError
DisableThreadLibraryCalls
DeleteCriticalSection
HeapAlloc
GetLastError
EnterCriticalSection
ReadFile
VirtualFree
VirtualAlloc
InterlockedCompareExchange
FileTimeToLocalFileTime
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
HeapReAlloc
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
LeaveCriticalSection
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
FlushFileBuffers
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetStartupInfoW
InitializeCriticalSectionAndSpinCount
GetFileType
WideCharToMultiByte
IsProcessorFeaturePresent
RtlUnwind
GetCommandLineA
InterlockedDecrement
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
HeapSize
RaiseException
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
GetCurrentThreadId

advapi32

RegCloseKey
RegQueryInfoKeyW
RegEnumKeyExA
RegEnumKeyA
RegQueryInfoKeyA
RegEnumKeyExW
RegEnumValueW
RegCreateKeyExW
RegCreateKeyExA
RegOpenKeyA
RegQueryValueExW
RegOpenKeyW

user32

DestroyWindow
PeekMessageA
ShowWindow
SetFocus
DispatchMessageA
BringWindowToTop
GetClientRect
MessageBoxA
DefWindowProcA
LoadIconA
FindWindowW
GetWindowTextA
MessageBoxW
CreateWindowExW
EnumWindows
CheckMenuItem
GetLastInputInfo
SetForegroundWindow
GetDlgItem
TrackPopupMenu
RedrawWindow
SetWindowPos
AppendMenuW
UpdateWindow
AppendMenuA
GetWindowRect
RegisterClassExA
RegisterWindowMessageA
SendMessageA
PostQuitMessage
CreatePopupMenu
GetCursorPos
TranslateMessage
RegisterClassExW
SendMessageW
RegisterWindowMessageW
GetMessageW
GetWindowTextW

Sections

.text
Size: 437KB - Virtual size: 436KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 412KB - Virtual size: 411KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

76398358eae0700f5f5b1ab1286a39ff

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 437KB - Virtual size: 436KB

.rdata Size: 412KB - Virtual size: 411KB

.data Size: 5.0MB - Virtual size: 5.0MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 29KB - Virtual size: 28KB

.text
Size: 437KB - Virtual size: 436KB

.rdata
Size: 412KB - Virtual size: 411KB

.data
Size: 5.0MB - Virtual size: 5.0MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 29KB - Virtual size: 28KB