41d635962d8bea0ea1d118df0e28d53d2eafc9ce4568379fe5cdcbb28e14b368

Sharing

Copy URL Twitter E-mail

General

Target

41d635962d8bea0ea1d118df0e28d53d2eafc9ce4568379fe5cdcbb28e14b368
Size

229KB
MD5

02496d01e66281aa347cde91fa09c970
SHA1

386d8d5bbf0fb4e5b2f43fcd1e06debd8d91d662
SHA256

41d635962d8bea0ea1d118df0e28d53d2eafc9ce4568379fe5cdcbb28e14b368
SHA512

a5be558a51b73011b784157a2d2a2876e09bb163a75ce2d200f17b0f60e8bdb2a9b199d2e67e38b8cbe2614dae4d30a80170e2ae2c3bc9b747f6c96750c0d0e5
SSDEEP

6144:eX3BbwKh1leHGcsgg9Q6VDJeGp0Ag6SYMe:w3BbTemc8pI9AgNe

Score

N/A

Malware Config

Signatures

Files

41d635962d8bea0ea1d118df0e28d53d2eafc9ce4568379fe5cdcbb28e14b368
.exe windows x86

2a7792e0ec4bed6fb322884f123131d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellAboutA
DragQueryFileW
DuplicateIcon
ExtractAssociatedIconW
ShellExecuteExW
DragQueryFileA

ole32

OleCreateLinkFromData
CoFreeLibrary
ProgIDFromCLSID
CoCreateInstance
CoDosDateTimeToFileTime

advapi32

RegSetValueA
SetThreadToken
AllocateAndInitializeSid
GetSecurityDescriptorGroup
RegConnectRegistryA
MapGenericMask
RegCreateKeyExW
RegQueryValueA
AccessCheckByTypeResultList
SetPrivateObjectSecurity

kernel32

LoadLibraryW
HeapReAlloc
GetConsoleCP
FlushFileBuffers
SetFilePointer
HeapSize
SetStdHandle
InterlockedDecrement
FormatMessageA
AddAtomW
CancelIo
GetTickCount
ReadConsoleOutputAttribute
LoadModule
GetSystemDefaultLangID
GetStringTypeW
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
GetLastError
GetDiskFreeSpaceA
GetLogicalDrives
GetCommandLineA
HeapSetInformation
GetStartupInfoW
WriteConsoleW
MultiByteToWideChar
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetCurrentThreadId
GetProcAddress
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WideCharToMultiByte
LCMapStringW
HeapFree
CreateFileW
CloseHandle
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
RtlUnwind

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a7792e0ec4bed6fb322884f123131d8

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ole32

advapi32

kernel32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 21KB

.rsrc Size: 163KB - Virtual size: 162KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 21KB

.rsrc
Size: 163KB - Virtual size: 162KB