8f5525bbb2befdde6ad3a8916af3601f42103ebbb9b6e032ae632d78dd844036

General

Target

8f5525bbb2befdde6ad3a8916af3601f42103ebbb9b6e032ae632d78dd844036
Size

164KB
MD5

847cd81c83a4e900ca44ef05a9508a78
SHA1

362a6d0865c3d4fd9f108beaae116b6824d1ff4f
SHA256

8f5525bbb2befdde6ad3a8916af3601f42103ebbb9b6e032ae632d78dd844036
SHA512

926e8af5dde5a40f4d2c4c6ab9e13e127ed7388d7fe4fd32b3a5476f11e66419916aafe98c4b3e74491cc6c97293dd0eba0028b4babb9aa0afb5ee2fde6aea4d
SSDEEP

3072:EHZRSP5pmw/wBHoTsMWdBh2WbiK5L84QajnhmWCp55VQ4+GQ30BZOF+WzS/EfrcL:EQ1/IoTsMUaWnLboDVQf30BZOklEfAq

Score

N/A

Malware Config

Signatures

Files

8f5525bbb2befdde6ad3a8916af3601f42103ebbb9b6e032ae632d78dd844036
.exe windows x86

c093ae51700eac24d86fdd8a52282599

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
ExitProcess
FlushInstructionCache
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetProcessHeaps
GetThreadContext
GetThreadPriority
GlobalFlags
InitializeCriticalSection
InterlockedDecrement
InterlockedExchangeAdd
IsBadWritePtr
LoadLibraryA
OpenProcess
QueueUserAPC
ReleaseSemaphore
ResetEvent
ResumeThread
SetEvent
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
SwitchToFiber
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnregisterWait
VirtualAlloc
VirtualFree
VirtualProtect
WaitForMultipleObjects
WaitForSingleObject

shell32

SHGetDiskFreeSpaceExA
SHGetFolderPathW
ShellHookProc
RegenerateUserEnvironment

msvcrt

_errno
_ftime
_endthreadex
_onexit
_setjmp3
calloc
exit
longjmp
tmpnam
_adjust_fdiv
__dllonexit
_initterm

wsock32

WSASetLastError
WSAGetLastError

Exports

Exports

DeleteContext
ExecuteSql
GetBuffers
IVoidPtrList_CreateInstance
Init
UnlocStrEqNW

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c093ae51700eac24d86fdd8a52282599

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

msvcrt

wsock32

Exports

Exports

Sections

.text Size: 57KB - Virtual size: 56KB

.rdata Size: 93KB - Virtual size: 93KB

.data Size: 7KB - Virtual size: 7KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 57KB - Virtual size: 56KB

.rdata
Size: 93KB - Virtual size: 93KB

.data
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 6KB - Virtual size: 5KB