0593bb87b7ffed7bff0d6a989bd2eef5553bd5bb73548c75bd749580cf6dc698

Sharing

Copy URL Twitter E-mail

General

Target

0593bb87b7ffed7bff0d6a989bd2eef5553bd5bb73548c75bd749580cf6dc698
Size

404KB
MD5

a3cb705bf8de57a0d90865a2b75105d0
SHA1

1ce1574fc54a3f1bb953425832dd678d89989e77
SHA256

0593bb87b7ffed7bff0d6a989bd2eef5553bd5bb73548c75bd749580cf6dc698
SHA512

e21d5fd65e968b8e66254ac49c1f34b887a800aeaf30a8d24683cb09830a0bd88fdb4ea1c02776052abf762c0c4f53d38d6206fc80e644cce271b567bae0744a
SSDEEP

6144:1B1NnafiRxN1nDh8p3aFgH2kQ+HfZWm7hX8mrJDq3iQJRGY:1B1IyDapKP2fP75DJDmiq

Score

N/A

Malware Config

Signatures

Files

0593bb87b7ffed7bff0d6a989bd2eef5553bd5bb73548c75bd749580cf6dc698
.dll windows x86

5fc98dfd0a44b9200a6312d6e355246e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteW
SHFormatDrive
SHCreateShellItem

advapi32

RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegQueryInfoKeyW

oleaut32

LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
SysAllocString
VarUI4FromStr
SysFreeString
SysStringLen

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CoInitializeEx

kernel32

CloseHandle
GetDateFormatA
GetNumaAvailableMemoryNode
LoadResource
VirtualAlloc
DeleteCriticalSection
GetVersionExA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedCompareExchange
FreeLibrary
GetCurrentThreadId
ReadFile
QueryPerformanceCounter
lstrlenW
GlobalAlloc
InterlockedDecrement
MultiByteToWideChar
InitializeCriticalSection
GetModuleFileNameW
lstrcmpiW
InterlockedIncrement
CreateThread
LeaveCriticalSection
GetCurrentProcessId
WideCharToMultiByte
RaiseException
LocalFree
TerminateProcess
GetLastError
GetModuleHandleW
GetModuleHandleA
InterlockedExchange
SetEvent
WaitForSingleObject
CreateFileW
EnterCriticalSection
GetTickCount

Exports

Exports

Decode
Fetch
Format
ImportModuleLevel
StreamWriter
StringAFromString
set_packswap
warning
write_image

Sections

.text
Size: 180KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5fc98dfd0a44b9200a6312d6e355246e

Headers

File Characteristics

Imports

shell32

advapi32

oleaut32

ole32

kernel32

Exports

Exports

Sections

.text Size: 180KB - Virtual size: 178KB

.rdata Size: 76KB - Virtual size: 73KB

.data Size: 72KB - Virtual size: 72KB

.rsrc Size: 64KB - Virtual size: 62KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 180KB - Virtual size: 178KB

.rdata
Size: 76KB - Virtual size: 73KB

.data
Size: 72KB - Virtual size: 72KB

.rsrc
Size: 64KB - Virtual size: 62KB

.reloc
Size: 8KB - Virtual size: 7KB