5d536c5c9c0452eaba5f6396e411295d4171b0ab93c8c2525e60c0cc438b0c78

Sharing

Copy URL Twitter E-mail

General

Target

5d536c5c9c0452eaba5f6396e411295d4171b0ab93c8c2525e60c0cc438b0c78
Size

84KB
MD5

a151ae8a58ce07e771c52bb06027d2e5
SHA1

fa59c6e1d00489c559bdc810c669c5393633af88
SHA256

5d536c5c9c0452eaba5f6396e411295d4171b0ab93c8c2525e60c0cc438b0c78
SHA512

020ec5535a9a47d8b76d03192c0cf3ec5423ef6eec95ab70e6ae74fd6621d1c25457ff44ff452505960d4568a921c92e47f6b1b1a2397394ce7e92168badfa2d
SSDEEP

1536:xj7XIV6R6muCCUWz0du+8HHsBd0iXTna1l:xYV6R1QzcEHsBd0iW1l

Score

N/A

Malware Config

Signatures

Files

5d536c5c9c0452eaba5f6396e411295d4171b0ab93c8c2525e60c0cc438b0c78
.exe windows x86

072dabda773d98f5eba9e04b4bd5fcc1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
LCMapStringW
LCMapStringA
GetLocaleInfoA
GetSystemInfo
VirtualProtect
SetFilePointer
GetOEMCP
GetACP
GetCPInfo
InterlockedExchange
VirtualQuery
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetConsoleCtrlHandler
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
lstrcatA
CreateFileA
GetFileSize
CloseHandle
ReadFile
lstrcpyA
lstrcmpA
lstrcpynA
lstrlenA
GetSystemTimeAsFileTime
GetCurrentDirectoryA
GetEnvironmentStrings
FreeEnvironmentStringsA
IsBadWritePtr
IsBadReadPtr
HeapValidate
DebugBreak
RaiseException
GetVersionExA
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapAlloc
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
GetModuleFileNameA
HeapReAlloc
HeapFree
GetLastError
HeapDestroy
HeapCreate
VirtualFree
TerminateProcess
GetCurrentProcess
ExitProcess
VirtualAlloc
GetProcessHeap
FreeLibrary
RtlUnwind
UnhandledExceptionFilter
FlushFileBuffers

user32

SetWindowTextA
InvalidateRect
ReleaseDC
SetRect
PtInRect
SetCursor
ShowCursor
PostMessageA
BeginPaint
FillRect
DrawTextA
PostQuitMessage
DefWindowProcA
LoadIconA
LoadCursorA
MessageBoxA
RegisterClassA
GetDC
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
EndPaint

gdi32

SetStretchBltMode
StretchDIBits
CreateSolidBrush
SelectObject
SetBkColor
TextOutA
DeleteObject
GetStockObject
GetDeviceCaps
GetTextMetricsA

shell32

ShellExecuteA

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gda
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

072dabda773d98f5eba9e04b4bd5fcc1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

Sections

.text Size: 64KB - Virtual size: 60KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 21KB

.gda Size: - Virtual size: 1B

.text
Size: 64KB - Virtual size: 60KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 21KB

.gda
Size: - Virtual size: 1B