536c28b335f2979b4042faa1fc3c8e5523fdfabab653a3b8097941cd440386f5

Sharing

Copy URL Twitter E-mail

General

Target

536c28b335f2979b4042faa1fc3c8e5523fdfabab653a3b8097941cd440386f5
Size

306KB
MD5

5a168375ba6c6d30c72ed4d4655efd7d
SHA1

35abd326bcf54b2bf28b6b162375a04150f676f2
SHA256

536c28b335f2979b4042faa1fc3c8e5523fdfabab653a3b8097941cd440386f5
SHA512

4df7999d5b1432c8190f4cec1d6512b65d77246daa69a70f22b5a869812a4ad98e322db8b5fc6ad0851b1fd3440e4c31c16531c88cebb3cc21ae5a573cab63ab
SSDEEP

6144:S/oMmlhkgERGfNFR7wY2V2CwbGC7nX0XY1U84ZEEL/17KajQ6FXfgx:ShEPVwYwOGbXY1pclb1p82v

Score

N/A

Malware Config

Signatures

Files

536c28b335f2979b4042faa1fc3c8e5523fdfabab653a3b8097941cd440386f5
.exe windows x86

914a3d037d59be25f19b4acff071b87b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
CloseHandle
SetUnhandledExceptionFilter
WideCharToMultiByte
ReadFile
GetCurrentThreadId
CreateFileW
MapViewOfFile
GetFileSize
SetLastError
GetSystemDefaultLangID
SetFilePointer
FreeLibrary
GetLocalTime
FreeEnvironmentStringsA
GlobalMemoryStatus
HeapAlloc
ResetEvent
LeaveCriticalSection
EnterCriticalSection
SystemTimeToFileTime
DeleteCriticalSection
LocalAlloc
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetProcessHeap
GetModuleHandleW
FileTimeToSystemTime
UnmapViewOfFile
GetDiskFreeSpaceA
CreateEventW
UnhandledExceptionFilter
HeapFree
CreateFileMappingW
VirtualProtect
WaitForSingleObject
DeviceIoControl
FreeEnvironmentStringsW
VirtualFree
lstrlenA
lstrlenW
LocalFree
IsProcessorFeaturePresent
HeapCreate
VirtualAllocEx

msvcrt

wcsstr
_itow
time
_ui64tow
wcsncmp
memset
_initterm
_lock
_vsnwprintf
wcschr
srand
malloc
_onexit
_unlock
__dllonexit
_wtoi
_purecall
rand
memmove
_wcsnicmp
memcpy
_amsg_exit
_XcptFilter
free

rpcrt4

RpcStringFreeW
UuidFromStringW
I_RpcMapWin32Status
UuidToStringW

advapi32

CryptDestroyKey
CryptAcquireContextW
CryptExportKey
CryptDecrypt
CryptEncrypt
CryptDestroyHash
CryptVerifySignatureA
RegSetValueExA
RegCreateKeyExA
TraceEvent
CryptImportKey
RegQueryValueExA
CryptGenKey
CryptGetHashParam
CryptReleaseContext
CryptCreateHash
CryptSignHashA
RegCloseKey
CryptHashData

ntdll

RtlUnwind

user32

GetDC
LoadBitmapW
GetMenuInfo
MessageBeep
SetWindowLongW
WaitForInputIdle
GetSystemMetrics
GetSysColor
EnableMenuItem
DialogBoxIndirectParamA
SetWindowPos
WaitMessage
GetMenuItemInfoA
RegisterWindowMessageW
DestroyCursor

gdi32

GetTextColor

localsec

DllCanUnloadNow
DllRegisterServer

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 268KB - Virtual size: 410KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

914a3d037d59be25f19b4acff071b87b

Headers

File Characteristics

Imports

kernel32

msvcrt

rpcrt4

advapi32

ntdll

user32

gdi32

localsec

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 268KB - Virtual size: 410KB

.rdata Size: 3KB - Virtual size: 3KB

.rsrc Size: 13KB - Virtual size: 38KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 268KB - Virtual size: 410KB

.rdata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 13KB - Virtual size: 38KB