8a9f328e1d59214cb821f6f5696da3c97e153408b6021f8b8945680b53da5644

General

Target

8a9f328e1d59214cb821f6f5696da3c97e153408b6021f8b8945680b53da5644
Size

268KB
MD5

52bc885307c1249b64839c7adefaf532
SHA1

270947936512b69f1ca2a468520d0e44af1dc0bf
SHA256

8a9f328e1d59214cb821f6f5696da3c97e153408b6021f8b8945680b53da5644
SHA512

8fc5c17a374cebcfbd17f5baa7a96e46f88eef3450415a1e48d4005511746d1ee902eaabf38bb7229215019e6f5f2f8ba28f7406253a41bf00ecb0c3e8d8095d
SSDEEP

6144:V0CKOyZ0CHJb9TseghpHx1jHw6IjZlVFCrvThn:V0KyCqXghNx1jHwblVFO

Score

N/A

Malware Config

Signatures

Files

8a9f328e1d59214cb821f6f5696da3c97e153408b6021f8b8945680b53da5644
.exe windows x86

94be62cefd2824699a20a00bff4e985d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateSemaphoreA
GetVersionExA
CreateMutexA
CreateEventA
GetModuleHandleA
VirtualAlloc
GetStdHandle
GetProcAddress
IsBadWritePtr
HeapReAlloc
HeapAlloc
FatalAppExitA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetModuleFileNameA
WriteFile
GetStartupInfoW
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
LoadLibraryA

gdi32

GetTextFaceA
SetTextAlign
SetTextColor
GetTextAlign
TextOutA

shlwapi

StrRStrIW
PathFindNextComponentW
PathFileExistsA

scarddlg

ord2

winscard

SCardFreeMemory

secur32

LsaConnectUntrusted

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.norman
Size: 4KB - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94be62cefd2824699a20a00bff4e985d

Headers

File Characteristics

Imports

kernel32

gdi32

shlwapi

scarddlg

winscard

secur32

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 232KB - Virtual size: 272KB

.norman Size: 4KB - Virtual size: 988B

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 232KB - Virtual size: 272KB

.norman
Size: 4KB - Virtual size: 988B

.rsrc
Size: 4KB - Virtual size: 2KB