7b06b55321fc80a3c0047a9a158e37bc1383ad8294940e1b0c8628aa2fa01c44

Sharing

Copy URL

Twitter E-mail

General

Target

7b06b55321fc80a3c0047a9a158e37bc1383ad8294940e1b0c8628aa2fa01c44
Size

203KB
MD5

ec31c7b2f853827ccd78c573265f9c3f
SHA1

c006b12716ef9fce677aad9ab99984492adc3fd2
SHA256

7b06b55321fc80a3c0047a9a158e37bc1383ad8294940e1b0c8628aa2fa01c44
SHA512

9df0a12462ea635efc9487bab993292cfd5fa1d2eda87cfaae37a3f00a6401012886ecc616bf9d8c8b3a77ec808da709a92099617ea230fe3ef69337469a0e75
SSDEEP

6144:TXD8eWfctN54ehNrXTYIE3QcFmms3yKimtSp:TXD8eW0tnYIEAec3M

Score

N/A

Malware Config

Signatures

Files

7b06b55321fc80a3c0047a9a158e37bc1383ad8294940e1b0c8628aa2fa01c44
.exe windows x86

47b6412a4a62cb442f168bf331031db5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
CreateDirectoryA
SetFilePointer
FlushFileBuffers
GetTickCount
Sleep
SetEvent
CreateEventA
WaitForSingleObject
GetCurrentProcess
GetLastError
TerminateProcess
CreateProcessA
GetProcAddress
lstrcpynA
WideCharToMultiByte
lstrcatA
FreeLibrary
WriteConsoleW
SetStdHandle
GetStringTypeW
LCMapStringW
HeapSize
HeapReAlloc
RtlUnwind
LoadLibraryW
WriteFile
CreateFileA
LockResource
LoadResource
SizeofResource
FindResourceA
DeleteFileA
VirtualFree
VirtualAlloc
lstrlenA
lstrcpyA
CloseHandle
GetModuleFileNameA
CreateFileW
MultiByteToWideChar
GetConsoleMode
GetConsoleCP
IsProcessorFeaturePresent
GetCurrentProcessId
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapCreate
GetModuleFileNameW
GetStdHandle
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
ExitThread
GetCurrentThreadId
CreateThread
HeapAlloc
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
InterlockedDecrement
ExitProcess

user32

SendMessageA
GetDlgItem
SetDlgItemTextA
EndDialog
GetDlgItemTextA
MessageBoxA
DialogBoxParamA

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyA
RegOpenKeyExA

shell32

SHCreateDirectoryExA

shlwapi

StrStrIA
StrStrA

comctl32

ord17

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

47b6412a4a62cb442f168bf331031db5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

shlwapi

comctl32

Sections

.text Size: 35KB - Virtual size: 34KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 144KB - Virtual size: 144KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 144KB - Virtual size: 144KB

.reloc
Size: 6KB - Virtual size: 5KB