ad7c09d21df6cec29e590f8bc60a7dc4602bca0f4958258182145260b7ece766

Sharing

Copy URL Twitter E-mail

General

Target

ad7c09d21df6cec29e590f8bc60a7dc4602bca0f4958258182145260b7ece766
Size

324KB
MD5

04b34569fdf08a99221786e875f42d96
SHA1

acd179aaab1c3833513990054733ba1f18935efe
SHA256

ad7c09d21df6cec29e590f8bc60a7dc4602bca0f4958258182145260b7ece766
SHA512

76dee353c6a2acd85bdc76b0308c4d2d4b870d6b1d67fd26fdaafd55a40c244144a45bb8dc2c9aebbebb2601544352340423a14921c02e5a479f296c22cd584d
SSDEEP

6144:2y4rp/PgSwo1f4IUBQtGiF/qQQdkb95jE/NKzx:9gpQ611bkiBqQQdkx5jEGx

Score

N/A

Malware Config

Signatures

Files

ad7c09d21df6cec29e590f8bc60a7dc4602bca0f4958258182145260b7ece766
.exe windows x86

59d81d914fafd753e9da4a53c6c8a9eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
GetCommandLineA
GetModuleFileNameA
GetStartupInfoA
SetEnvironmentVariableA
GetEnvironmentVariableA
ReleaseMutex
Sleep
WaitForSingleObject
CreateMutexA
OpenMutexA
GetCurrentProcessId
CreateThread
GetCurrentThreadId
GetTickCount
CloseHandle
ReadFile
GetFileSize
CreateFileA
VirtualQueryEx
FindClose
FindFirstFileA
FindFirstFileW
GetModuleFileNameW
GetExitCodeProcess
ContinueDebugEvent
SetThreadContext
ReadProcessMemory
GetThreadContext
WaitForDebugEvent
FreeConsole
SuspendThread
DebugActiveProcess
ResumeThread
CreateProcessW
GetCommandLineW
GetStartupInfoW
GetCurrentThread
DuplicateHandle
GetCurrentProcess
CreateFileMappingA
VirtualProtectEx
ExitProcess
CompareStringA
FlushFileBuffers
LCMapStringW
LCMapStringA
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetFilePointer
CompareStringW
HeapReAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapAlloc
HeapFree
GetVersion
GetLocalTime
SetThreadPriority
GetVersionExA
WriteProcessMemory
SetLastError
LoadLibraryA
GetLastError
GetProcAddress
VirtualAlloc
VirtualProtect
MapViewOfFile
GetModuleHandleA
TerminateProcess
RtlUnwind
GetTimeZoneInformation
GetSystemTime

user32

GetDesktopWindow
MoveWindow
SetPropA
EnumThreadWindows
GetPropA
WaitForInputIdle
GetMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
BeginPaint
EndPaint
KillTimer
DefWindowProcA
LoadCursorA
RegisterClassA
GetAsyncKeyState
GetSystemMetrics
SetTimer
PostMessageA
IsWindow
SetWindowTextA
GetDlgItem
CreateDialogIndirectParamA
ShowWindow
UpdateWindow
FindWindowA
SendMessageA
DestroyWindow
MessageBoxA
CreateWindowExA

gdi32

SelectObject
BitBlt
DeleteObject
CreatePalette
CreateDCA
SelectPalette
RealizePalette
CreateDIBitmap
DeleteDC
CreateCompatibleDC

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text1
Size: 80KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 20KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 24KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc1
Size: 8KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.pdata
Size: 152KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59d81d914fafd753e9da4a53c6c8a9eb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: - Virtual size: 56KB

.data Size: - Virtual size: 28KB

.tls Size: - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 4KB

.idata Size: - Virtual size: 4KB

.edata Size: 4KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 4KB

.text1 Size: 80KB - Virtual size: 128KB

.adata Size: 20KB - Virtual size: 64KB

.data1 Size: 24KB - Virtual size: 64KB

.reloc1 Size: 8KB - Virtual size: 64KB

.pdata Size: 152KB - Virtual size: 192KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: - Virtual size: 56KB

.data
Size: - Virtual size: 28KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.idata
Size: - Virtual size: 4KB

.edata
Size: 4KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 4KB

.text1
Size: 80KB - Virtual size: 128KB

.adata
Size: 20KB - Virtual size: 64KB

.data1
Size: 24KB - Virtual size: 64KB

.reloc1
Size: 8KB - Virtual size: 64KB

.pdata
Size: 152KB - Virtual size: 192KB

.rsrc
Size: 4KB - Virtual size: 4KB