912c38731b2dfab26c2489eaef86ee7c9ebb9d25801d8583aac1b9542c3f161d

Sharing

Copy URL Twitter E-mail

General

Target

912c38731b2dfab26c2489eaef86ee7c9ebb9d25801d8583aac1b9542c3f161d
Size

646KB
MD5

157cff8c58a21d785fca26e7a4f50d70
SHA1

c2d7288b871813dc2a8046507b34b23076858a83
SHA256

912c38731b2dfab26c2489eaef86ee7c9ebb9d25801d8583aac1b9542c3f161d
SHA512

9ffd7ceb96da88d512a8b2172588cd5d75170d08dad9836a1f7a60ceea4aa5bac03276b5ab07b4441149f91039f79d611569301bafd3104c806c3a0ceb49e838
SSDEEP

12288:fnvoN4gKfKr/xJTgXfx+Q65gTY11IN8S/804mVpCLuXrTi/Fwc/O5y:fv24MrZJgXfwZCWSb7C0XiScG5y

Score

N/A

Malware Config

Signatures

Files

912c38731b2dfab26c2489eaef86ee7c9ebb9d25801d8583aac1b9542c3f161d
.exe windows x86

6afebdd53856cadeea9fcb71e7910efa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptBinaryToStringW

ole32

CoCreateGuid
CoInitialize
CoUninitialize

kernel32

CloseHandle
CreateFileA
DeleteFileW
EnterCriticalSection
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetLocaleInfoA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
VirtualProtect
lstrlenA
DeleteCriticalSection

ntdll

NtOpenKey
RtlAllocateHeap
RtlDosPathNameToNtPathName_U
RtlFreeHeap
RtlFreeUnicodeString
RtlInitUnicodeString
NtClose

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreateFontIndirectA
CreateSolidBrush
DeleteDC
DeleteObject
ExtTextOutA
GetDeviceCaps
GetStockObject
GetTextExtentPoint32A
SelectObject
SetBkColor
SetBkMode
SetTextColor
GetObjectA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

user32

BeginPaint
CharNextA
CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
EnableWindow
EndPaint
FillRect
GetClientRect
GetDC
GetFocus
GetSystemMetrics
GetWindowLongA
GetWindowRect
InvalidateRect
KillTimer
LoadCursorA
LoadStringA
MessageBoxA
PostMessageA
PostQuitMessage
ReleaseDC
SendMessageA
SetCursor
SetTimer
SetWindowLongA
SetWindowPos
ShowWindow
SystemParametersInfoA
TranslateMessage
UpdateWindow

Sections

AUTO
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DGROUP
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc2
Size: 215B - Virtual size: 215B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc3
Size: 344B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6afebdd53856cadeea9fcb71e7910efa

Headers

File Characteristics

Imports

crypt32

ole32

kernel32

ntdll

gdi32

advapi32

user32

Sections

AUTO Size: 48KB - Virtual size: 48KB

DGROUP Size: 125KB - Virtual size: 124KB

.idata Size: 3KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 220B

.reloc2 Size: 215B - Virtual size: 215B

.reloc3 Size: 344B - Virtual size: 344B

AUTO
Size: 48KB - Virtual size: 48KB

DGROUP
Size: 125KB - Virtual size: 124KB

.idata
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 220B

.reloc2
Size: 215B - Virtual size: 215B

.reloc3
Size: 344B - Virtual size: 344B