a51f238489185af4667f6feb0afa02e63f0e36646a6d4a4fcbaa2a1226627a42

Sharing

Copy URL Twitter E-mail

General

Target

a51f238489185af4667f6feb0afa02e63f0e36646a6d4a4fcbaa2a1226627a42
Size

212KB
MD5

beb4df6721ef5ffcd13d2deda22cca19
SHA1

8d24e8149f855b07ee723362146de2b063206776
SHA256

a51f238489185af4667f6feb0afa02e63f0e36646a6d4a4fcbaa2a1226627a42
SHA512

54f0c26a3e8ce9093056e7a4d62bf7feee3c6b5081603a21535b625fe1329d05f5543e59a4815b903da42b6661be1aa09f0cf9bdd964eaa7f46946c3bfb5f097
SSDEEP

3072:Cw+YkonYWiVdFgoQ+8/6PH+dwHEN4tfIjyeLnI0U/kiqqeU7cWQu09ptp7SUGM:CHHoYFWoQThdwjQZFWQu0zr7v

Score

N/A

Malware Config

Signatures

Files

a51f238489185af4667f6feb0afa02e63f0e36646a6d4a4fcbaa2a1226627a42
.exe windows x86

5ebabde7c2d2c926b0f79ad1175993ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

advapi32

GetUserNameA

usp10

ScriptIsComplex
ScriptItemize
ScriptGetLogicalWidths
ScriptLayout
ScriptPlace
ScriptRecordDigitSubstitution
ScriptJustify
ScriptGetProperties

kernel32

SetEnvironmentVariableA
TlsFree
CompareStringW
CompareStringA
GetLocaleInfoW
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetCurrentThread
DuplicateHandle
PeekNamedPipe
GetExitCodeProcess
GetEnvironmentVariableA
ResetEvent
FindFirstChangeNotificationA
DeleteFileA
OpenMutexA
CreateMutexA
ReleaseMutex
RemoveDirectoryA
LocalFree
LocalAlloc
GetVolumeInformationA
InitializeCriticalSection
EnterCriticalSection
Sleep
GetCurrentThreadId
FreeLibrary
LoadLibraryA
GetProcAddress
SetTapePosition
VirtualProtect
GetModuleHandleA
GetSystemInfo
ExitProcess
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
GetStartupInfoW
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
TlsAlloc
SetLastError
GetLastError
TlsSetValue
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
RtlUnwind
HeapSize
InterlockedExchange
VirtualQuery
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetCPInfo
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetACP
GetOEMCP
WideCharToMultiByte
GetTimeZoneInformation

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 445KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ebabde7c2d2c926b0f79ad1175993ab

Headers

File Characteristics

Imports

user32

advapi32

usp10

kernel32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 84KB - Virtual size: 83KB

.data Size: 72KB - Virtual size: 445KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 84KB - Virtual size: 83KB

.data
Size: 72KB - Virtual size: 445KB

.rsrc
Size: 4KB - Virtual size: 1KB