d902143a122d4eb04cf05dddc582e9738396d3071e813c528137123cf369df20

Sharing

Copy URL Twitter E-mail

General

Target

d902143a122d4eb04cf05dddc582e9738396d3071e813c528137123cf369df20
Size

157KB
MD5

29e3b3850f934a65377a3f82405dbf11
SHA1

f5528da20fe8c31f5cde2bc471454e434f936f11
SHA256

d902143a122d4eb04cf05dddc582e9738396d3071e813c528137123cf369df20
SHA512

66f98785b3b074802e4feab541ef4042c0c3972216626fbb64c08e4c862c6fb58c3138b2f125630b256d5fa46f10b2adb361701ab0e9a6ec467abb498f79dcdd
SSDEEP

3072:3k2JA3VVze53VarCgeXGIziTL5kpyOD7fECSI6:3V+z+VarB+ATL5oyODN

Score

N/A

Malware Config

Signatures

Files

d902143a122d4eb04cf05dddc582e9738396d3071e813c528137123cf369df20
.exe windows x86

cb0d9d042f0d1230770103500ed671dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlCanonicalizeA
PathMakePrettyA
PathFindOnPathW

kernel32

ExitProcess
HeapReAlloc
HeapAlloc
GetStringTypeW
CreateFileA
SetEndOfFile
WaitForSingleObject
SetEvent
FormatMessageA
GetCommandLineA
Sleep
CreateEventA
FormatMessageW
CreateProcessA
GlobalUnlock
GetTempPathW
GetLastError
SetLastError
GetProcAddress
VirtualAlloc
CreateNamedPipeA
LoadLibraryA
CreatePipe
GetModuleHandleA
CreateMutexA
CloseHandle
GetVersion
GetTempPathA
GetSystemTime
SetFileAttributesW
MultiByteToWideChar
LCMapStringW
HeapSize
RtlUnwind
HeapFree
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
UnhandledExceptionFilter
LoadLibraryW
HeapSetInformation
GetStartupInfoW
SetUnhandledExceptionFilter
GetModuleHandleW
IsProcessorFeaturePresent
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection

user32

RegisterClassExA
TrackPopupMenu
GetWindowDC
BeginPaint
TrackPopupMenuEx
CreateWindowExA
GetWindowRect
DefWindowProcA
EnumChildWindows
ShowWindow
CloseWindow
AdjustWindowRect
GetDlgItemTextA
SetTimer
MapVirtualKeyW
GetClassNameW

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb0d9d042f0d1230770103500ed671dc

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 124KB - Virtual size: 128KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 124KB - Virtual size: 128KB

.reloc
Size: 2KB - Virtual size: 2KB