57b9bcaced80ed3c44eff751517d331ce54866bd4563c17d554a06ffe4ebd201

Sharing

Copy URL

Twitter E-mail

General

Target

57b9bcaced80ed3c44eff751517d331ce54866bd4563c17d554a06ffe4ebd201
Size

246KB
MD5

1272ec0f98b10775fb6ed5accabba160
SHA1

ac246933f658dc9a6a8bed240a84082bb4289479
SHA256

57b9bcaced80ed3c44eff751517d331ce54866bd4563c17d554a06ffe4ebd201
SHA512

58a6f5faea6cae4ad07e8e42a747af8ee7c32193602ddda0b09a441c970980fe7c2fd59cc11d0de0736f3518de17549c31c8ecf3e2ebcc2b2fdaf073022e5e86
SSDEEP

3072:OSHKsqdgh9QiMdn0OjuSC9gxDmNN8Ebb5:7qVgTQndn0P92mNNH

Score

N/A

Malware Config

Signatures

Files

57b9bcaced80ed3c44eff751517d331ce54866bd4563c17d554a06ffe4ebd201
.exe windows x86

7dfe945b0e926a3f5093cf93f681f259

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
IsProcessorFeaturePresent
GetFileAttributesW
CreateProcessW
IsValidCodePage
GetOEMCP
GetCPInfo
GetStringTypeW
HeapCreate
GetStartupInfoW
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
GetModuleFileNameW
GetModuleHandleW
LeaveCriticalSection
HeapAlloc
DecodePointer
EncodePointer
HeapSetInformation
GetCommandLineW
TlsFree
TlsGetValue
TlsSetValue
GetStdHandle
UnhandledExceptionFilter
ExitProcess
GetLocaleInfoA
GetStartupInfoA
GetThreadLocale
MultiByteToWideChar
GetConsoleMode
InterlockedIncrement
InterlockedDecrement
GetVersion
LocalAlloc
VirtualAlloc
VirtualFree
EnterCriticalSection
DeleteCriticalSection
RaiseException
Sleep
InterlockedCompareExchange
RtlUnwind
GetExitCodeProcess
QueryPerformanceCounter
QueryPerformanceFrequency
LocalFree
WaitForSingleObject
CloseHandle
GetModuleHandleA
CreateProcessA
GetCommandLineA
GetExitCodeThread
FreeLibrary
SetLastError
lstrlenA
WriteFile
GetLastError
GetCurrentThread
HeapFree
GetProcessHeap
DisableThreadLibraryCalls
FlushFileBuffers
WriteConsoleW
SetStdHandle
CompareStringW
SetEnvironmentVariableW
CreateFileW
WideCharToMultiByte
RemoveDirectoryA

user32

GetKeyboardType

advapi32

LookupAccountNameA
RegCloseKey
RegQueryValueExA
RegEnumKeyA
LogonUserW
GetSidSubAuthorityCount
RegOpenKeyExA

oleaut32

SysFreeString
SysAllocStringLen

msvcrt

isprint
sscanf
toupper
wcscpy
fwrite
free
sprintf
strchr
strncmp
fopen
memset
malloc

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7dfe945b0e926a3f5093cf93f681f259

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

msvcrt

Sections

.text Size: 32KB - Virtual size: 29KB

.idata Size: 4KB - Virtual size: 3KB

.rdata Size: 56KB - Virtual size: 53KB

.data Size: 76KB - Virtual size: 2.6MB

.rsrc Size: 72KB - Virtual size: 71KB

.text
Size: 32KB - Virtual size: 29KB

.idata
Size: 4KB - Virtual size: 3KB

.rdata
Size: 56KB - Virtual size: 53KB

.data
Size: 76KB - Virtual size: 2.6MB

.rsrc
Size: 72KB - Virtual size: 71KB