c52be741b217c09c7e929d2170946b9d0905146592b475be8c5c6a7b000807f7

General

Target

c52be741b217c09c7e929d2170946b9d0905146592b475be8c5c6a7b000807f7
Size

99KB
MD5

c4708481e9551eac55f563e3c3129f73
SHA1

c0fb6dcc999887c3bc5f359917a8ae66d323969d
SHA256

c52be741b217c09c7e929d2170946b9d0905146592b475be8c5c6a7b000807f7
SHA512

de7ce2d1da7692d13a84e0cfd243b8e971634050766ded790d35fdcec4b0b9ee713ed260a509da33b70076d17fa1caf19738cee60cbab40afc762808541b68b6
SSDEEP

3072:N/9zoJE3s9eqhqR2+hRbk0cJv3BsftWgM8/F:N/WJReIkCJIzMc

Score

N/A

Malware Config

Signatures

Files

c52be741b217c09c7e929d2170946b9d0905146592b475be8c5c6a7b000807f7
.exe windows x86

67cd0ce9a73186e350be52f9df750dff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
VirtualAlloc
GetModuleHandleW
GetStringTypeA
LCMapStringW
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
HeapReAlloc
IsBadWritePtr
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
GetStringTypeW

gdi32

CreateSolidBrush
CreateFontIndirectW
FrameRgn
CreatePolygonRgn
CreateDCA
OffsetRgn
CreateRectRgn
GetRgnBox

advapi32

RegOpenKeyExA
EnumServicesStatusA
AdjustTokenPrivileges
GetUserNameW

msi

ord216

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ptext
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67cd0ce9a73186e350be52f9df750dff

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

advapi32

msi

Sections

.text Size: 26KB - Virtual size: 25KB

.ptext Size: 6KB - Virtual size: 5KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 50KB - Virtual size: 114KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 26KB - Virtual size: 25KB

.ptext
Size: 6KB - Virtual size: 5KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 50KB - Virtual size: 114KB

.rsrc
Size: 12KB - Virtual size: 12KB