831ce2369913b699ca2a1384bc7541a0fd239a5cb95bc257bdd2a6e08a0c3ff8

Sharing

Copy URL Twitter E-mail

General

Target

831ce2369913b699ca2a1384bc7541a0fd239a5cb95bc257bdd2a6e08a0c3ff8
Size

5.8MB
MD5

c472dcdf686d4fc825688146800fc455
SHA1

347e454bdf0f5531cc24694e5feb34345bd0f1fd
SHA256

831ce2369913b699ca2a1384bc7541a0fd239a5cb95bc257bdd2a6e08a0c3ff8
SHA512

56fdd4d2a07fd36c0951d6dd43518880063a5e106f7e6ee2ac5e6575c1d42991967d0e2c53be6354c8a1c838c342a9827066dc8f6adb2bcdc97f85f0a566b122
SSDEEP

98304:MIf4GX3Znhcpz9GtVwTGYCe09/1pKkl0sNPUy2X22LPT9eK81qItVwxAiG4Nz:54GX3oZ9GHw5Ce0z0e062X22P9eKRI4m

Score

N/A

Malware Config

Signatures

Files

831ce2369913b699ca2a1384bc7541a0fd239a5cb95bc257bdd2a6e08a0c3ff8
.exe windows x86

665861c196334c12953175079f64b977

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCurrentProcessId
FileTimeToLocalFileTime
GetProcessHeap
HeapAlloc
HeapFree
WaitForSingleObject
LoadLibraryA
GetCurrentThread
DisableThreadLibraryCalls
CreateMutexA
CloseHandle
HeapReAlloc
IsBadWritePtr
Sleep
GetLastError
GetProcAddress
InterlockedCompareExchange
GetModuleHandleA
GetVersionExA
GetModuleHandleExW
VirtualProtect
DeleteCriticalSection
SystemTimeToFileTime
GetTickCount
SetLastError
ReadFile
EnterCriticalSection
VirtualFree
GetCurrentProcess
VirtualAlloc
FlushFileBuffers
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
LeaveCriticalSection
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
CreateFileW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetModuleFileNameA
IsProcessorFeaturePresent
RtlUnwind
GetCommandLineA
InterlockedDecrement
ExitProcess
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
HeapSize
RaiseException
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
GetCurrentThreadId
WideCharToMultiByte
GetFileType
InitializeCriticalSectionAndSpinCount
GetStartupInfoW

advapi32

RegQueryValueA
RegEnumKeyW
RegOpenKeyExA
RegQueryInfoKeyA
RegCreateKeyExW
RegEnumValueW

user32

GetSystemMetrics
RedrawWindow
GetWindowTextW
CreatePopupMenu
PeekMessageA
LoadIconA
RegisterClassExA
SendMessageA
CheckMenuItem
ShowWindow
PostQuitMessage
UpdateWindow
GetLastInputInfo
TrackPopupMenu
GetCursorPos
GetDlgItem
LoadIconW
GetDesktopWindow
RegisterWindowMessageA
GetMessageW
BringWindowToTop
GetWindowTextA
MsgWaitForMultipleObjects
CreateWindowExA
GetParent
PostMessageW
SetForegroundWindow
AppendMenuW
PostMessageA
GetClientRect
RegisterClassExW
GetWindowRect

Sections

.text
Size: 420KB - Virtual size: 419KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 354KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

665861c196334c12953175079f64b977

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 420KB - Virtual size: 419KB

.rdata Size: 354KB - Virtual size: 354KB

.data Size: 5.0MB - Virtual size: 5.0MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 28KB - Virtual size: 28KB

.text
Size: 420KB - Virtual size: 419KB

.rdata
Size: 354KB - Virtual size: 354KB

.data
Size: 5.0MB - Virtual size: 5.0MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 28KB - Virtual size: 28KB