1985fc047f410a1024dbacb00ae7e9ffcca914b7cfea9fa23d50c36db0ebdc46

Sharing

Copy URL Twitter E-mail

General

Target

1985fc047f410a1024dbacb00ae7e9ffcca914b7cfea9fa23d50c36db0ebdc46
Size

155KB
MD5

4060330e2a5039ce23e8b96de3349090
SHA1

f2369b2d107c6cca24974d8bf88172080eb59d88
SHA256

1985fc047f410a1024dbacb00ae7e9ffcca914b7cfea9fa23d50c36db0ebdc46
SHA512

d786188ac1786fbc76594f61b59f347629d208d70beb108483dd7e5738f6539d8a43bca8359d656fd3c5cf19661e598bef34001f61a22ea965e5ede0567f100f
SSDEEP

3072:RFErRVw/KRQjBA5fkGb1GVT8sUOrqfem8nOCj2j03Y7evBSQlhwRzXs:RFErRR6jBAk60VT8sUOufgqjWievBSNW

Score

N/A

Malware Config

Signatures

Files

1985fc047f410a1024dbacb00ae7e9ffcca914b7cfea9fa23d50c36db0ebdc46
.exe windows x86

77a9810a6f4e13937d1ed84e15200724

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CloseHandle
VirtualFree
GetPrivateProfileSectionNamesA
lstrcatA
FreeLibrary
MultiByteToWideChar
WideCharToMultiByte
lstrcmpA
GetVersionExA
CreateDirectoryA
GetDriveTypeA
LocalFree
RemoveDirectoryA
WriteFile
Sleep
ReadFile
SetFilePointer
GetLastError
SetLastError
GetCurrentProcess
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
ExitProcess
GetLocalTime
CreateEventA
HeapFree
HeapAlloc
GetProcessHeap
GlobalFree
GlobalUnlock
ReleaseMutex
WaitForSingleObject
GetTickCount
OpenEventA
SetErrorMode
CreateMutexA
OutputDebugStringA
GetStartupInfoA
LocalAlloc
InterlockedExchange
RaiseException
GetModuleHandleA

msvcrt

strstr
memcmp
strcpy
strchr
malloc
strcmp
free
_except_handler3
strrchr
rename
strcat
strncmp
atoi
_errno
strtok
strncat
strlen
calloc
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_ftol
__CxxFrameHandler
_CxxThrowException
_beginthreadex
memmove
��릫XdD�_strupr
memcpy
??3@YAXPAX@Z
??2@YAPAXI@Z
memset
ceil
_strupr

�zc

��c��
��c��
��c��
��c��

userenv

CreateEnvironmentBlock

bf�a�� w�y�getmodulehandlea

ICSendMessage
ICSeqCompressFrameEnd

Sections

.text
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77a9810a6f4e13937d1ed84e15200724

Headers

File Characteristics

Imports

kernel32

msvcrt

�zc

userenv

bf�a�� w�y�getmodulehandlea

Sections

.text Size: 127KB - Virtual size: 126KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 14KB - Virtual size: 17KB

.rsrc Size: 512B - Virtual size: 16B

�zc

bf�a�� w�y�getmodulehandlea

.text
Size: 127KB - Virtual size: 126KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 14KB - Virtual size: 17KB

.rsrc
Size: 512B - Virtual size: 16B