59cd5781daef08011eea97ea1f2684e1bfb36e9b0836f8b9aaa7bacc5a079f6f

Sharing

Copy URL Twitter E-mail

General

Target

59cd5781daef08011eea97ea1f2684e1bfb36e9b0836f8b9aaa7bacc5a079f6f
Size

214KB
MD5

6d33b364170509ef8a251548f23f5c30
SHA1

d52abdf920fb3c129f6437236b4effbf89091a3d
SHA256

59cd5781daef08011eea97ea1f2684e1bfb36e9b0836f8b9aaa7bacc5a079f6f
SHA512

7f1df67151fcac3aa0d620a6747b44c45b9809e937e0bacd157bb4a768918c887fdefb1c46047bd7ac8955579a7a7811279abca111789e0cd2729675108267c3
SSDEEP

3072:XuQLluEx0/6ssWR8t/1kQFYNIpz/j768gLJzAesy1KIOq15Di6NZUb/gkJ+TN:eQLpx0/6b96Ipz0JzAtYKIO85O6XT

Score

N/A

Malware Config

Signatures

Files

59cd5781daef08011eea97ea1f2684e1bfb36e9b0836f8b9aaa7bacc5a079f6f
.exe windows x86

d976372238f32391dd38b47c928cae47

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

FindExecutableA
ShellExecuteExA
DragQueryPoint
DragAcceptFiles
DragQueryFileW
ShellAboutW
DragFinish

ole32

OleBuildVersion
CoFreeAllLibraries
OleCreateFromFileEx
CoQueryAuthenticationServices
StgCreateDocfileOnILockBytes

advapi32

SetFileSecurityW
MapGenericMask
QueryServiceConfigA
DeregisterEventSource
LogonUserA
RegisterEventSourceW
GetSecurityDescriptorGroup
GetSidSubAuthorityCount

kernel32

SetFilePointer
FlushFileBuffers
CloseHandle
GetConsoleCP
GetStringTypeW
WriteConsoleW
SetStdHandle
CreateFileW
GetConsoleMode
TlsSetValue
lstrcpynA
CancelIo
CreateHardLinkW
SetTapeParameters
FindVolumeClose
GetWindowsDirectoryW
HeapAlloc
GetLastError
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
EncodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
Sleep
TlsAlloc
TlsGetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryW
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
CompareStringW
MultiByteToWideChar
SetEnvironmentVariableA
HeapSize
IsProcessorFeaturePresent
LCMapStringW

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 149KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d976372238f32391dd38b47c928cae47

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ole32

advapi32

kernel32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 70KB

.rsrc Size: 149KB - Virtual size: 152KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 70KB

.rsrc
Size: 149KB - Virtual size: 152KB