cfb2078e78e1e40c2080982cd725cf58f7ea41d64d0c4526d7f3f4f1ccda7c3b

Sharing

Copy URL Twitter E-mail

General

Target

cfb2078e78e1e40c2080982cd725cf58f7ea41d64d0c4526d7f3f4f1ccda7c3b
Size

363KB
MD5

5ad1a7394e2833b2b761154e4adcd1ea
SHA1

dd7512a61ebab2b7d0f94957d33394f7d546aa40
SHA256

cfb2078e78e1e40c2080982cd725cf58f7ea41d64d0c4526d7f3f4f1ccda7c3b
SHA512

0ece50508325055dbcb13009583e52f70f204c823c7bff1d9f2d001258405b3ddaf74a02c0e77ffb56383797fe374a7c931627a7453fe4d2f922344d2e5e575e
SSDEEP

6144:DU2yTqF84LY4SLUn+uxRz1XeEfSS6PzkGFD2xMrBY8ZykuwEn10DIs3KN:DUrsYW+u4dkGFCxMrzykuwHIT

Score

N/A

Malware Config

Signatures

Files

cfb2078e78e1e40c2080982cd725cf58f7ea41d64d0c4526d7f3f4f1ccda7c3b
.exe windows x86

bdf1f3dfc27581c15ef4d94578c6275c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc

kernel32

HeapDestroy
FreeLibrary
LocalFree
LocalAlloc
GetOEMCP
GetWindowsDirectoryW
IsProcessorFeaturePresent
VirtualProtect
GetModuleHandleA
GetStartupInfoW
GetVersionExA
GetProcAddress
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
RaiseException
HeapCreate
VirtualFree
HeapFree
LoadLibraryA
HeapAlloc
VirtualAlloc
HeapReAlloc
IsBadWritePtr
RtlUnwind
InterlockedExchange
VirtualQuery
GetStringTypeA
GetStringTypeW
LCMapStringA
WideCharToMultiByte
LCMapStringW
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoA
GetCPInfo
GetSystemInfo
GetACP

Exports

Exports

ButWater
Realfor

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 598KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 1024B - Virtual size: 922B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bdf1f3dfc27581c15ef4d94578c6275c

Headers

File Characteristics

Imports

ole32

kernel32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 191KB

.rdata Size: 66KB - Virtual size: 65KB

.data Size: 78KB - Virtual size: 598KB

.idata Size: 2KB - Virtual size: 2KB

.didat Size: 1024B - Virtual size: 922B

.rsrc Size: 22KB - Virtual size: 22KB

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 66KB - Virtual size: 65KB

.data
Size: 78KB - Virtual size: 598KB

.idata
Size: 2KB - Virtual size: 2KB

.didat
Size: 1024B - Virtual size: 922B

.rsrc
Size: 22KB - Virtual size: 22KB