d1dca6011c128848ae06bfcd852ff03f96ba7778ece23afcdb7f72e166ece9f7

General

Target

d1dca6011c128848ae06bfcd852ff03f96ba7778ece23afcdb7f72e166ece9f7
Size

64KB
MD5

5aea2712dbea09d0ebec2e885996246d
SHA1

04537320d4ce59e5a22b2e684998fa36861bc4b7
SHA256

d1dca6011c128848ae06bfcd852ff03f96ba7778ece23afcdb7f72e166ece9f7
SHA512

cb8710a1ad7acdd916e7a7fea86da3dd74736f7b6667a84a340e334f120e7608ddb4f1cbb056c61570bf7cb791d77430acc2153e22ec32e0ca0f58d6298fdd6b
SSDEEP

768:kJSkCis89kYOolNumYFwiPJPCTKoNfaMWhUz1T:iK5m4wiPw2ob

Score

N/A

Malware Config

Signatures

Files

d1dca6011c128848ae06bfcd852ff03f96ba7778ece23afcdb7f72e166ece9f7
.exe windows x86

2824514fa73476e923adcb08c0561995

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
CreateThread
DebugBreak
DeleteFileA
DeviceIoControl
EnterCriticalSection
ExitProcess
ExitThread
ExpandEnvironmentStringsA
FileTimeToDosDateTime
FileTimeToLocalFileTime
FormatMessageA
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDriveTypeA
GetModuleFileNameA
GetProcAddress
GetProcessHeap
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
CloseHandle
IsDBCSLeadByte
LoadLibraryExA
LocalAlloc
LocalFree
MapViewOfFile
MultiByteToWideChar
OpenFileMappingA
OpenProcess
QueryPerformanceCounter
ReadFile
SetCommTimeouts
SetCurrentDirectoryA
SetErrorMode
SetFileAttributesA
SetFilePointer
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
WaitForMultipleObjects
WideCharToMultiByte
lstrcpynA
lstrlenW
GetSystemDirectoryA
lstrcatA
CreateFileA
GetStartupInfoA
GetTickCount
VirtualAllocEx

user32

SetClipboardViewer
SendMessageA
InvalidateRect
BeginPaint
GetClientRect
DefWindowProcA

gdi32

GetDeviceCaps
AddFontResourceA
CreateFontIndirectA

advapi32

RegOpenKeyExW

msvcrt

memcpy

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text3
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2824514fa73476e923adcb08c0561995

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

.text Size: 22KB - Virtual size: 21KB

.text3 Size: 29KB - Virtual size: 29KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 5KB

.text
Size: 22KB - Virtual size: 21KB

.text3
Size: 29KB - Virtual size: 29KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 5KB