ddadc24dd898f1311a858bfe2ebe749f4f6932677f90f54ff49ef1fa9852be80

Sharing

Copy URL

Twitter E-mail

General

Target

ddadc24dd898f1311a858bfe2ebe749f4f6932677f90f54ff49ef1fa9852be80
Size

199KB
MD5

7daa2c28b3fe1534cc042cb7e9540116
SHA1

653bf2c496eabe8e1919f6eadfe39cd2c028dba5
SHA256

ddadc24dd898f1311a858bfe2ebe749f4f6932677f90f54ff49ef1fa9852be80
SHA512

7dea341eb6be62d0304511d5bf47945c496c24ac92c399a0192ff44aecd6fbb7f107b9fb8324ce1581a407cb3506efb08e93342f993a91096921a8921f4c6ee3
SSDEEP

3072:pj1m0c65tHG06uxCiRSDz1BfDlNBcMXFPIS3guQikoFmfIBtN63btNZIECRnx2An:K0c65trNjIz1JrKM+Ux63nZUxLbn

Score

N/A

Malware Config

Signatures

Files

ddadc24dd898f1311a858bfe2ebe749f4f6932677f90f54ff49ef1fa9852be80
.exe windows x86

efcbf4401a1b39a08e5013ee6c5a37dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
FormatMessageA
GetFileType
GetCurrentThread
GetDiskFreeSpaceA
GetVersionExA
SetThreadLocale
GetCurrentProcess
CreateEventA
CompareStringA
CloseHandle
LocalReAlloc
DeleteFileA
GlobalAlloc
GetSystemDefaultLangID
HeapAlloc
FindResourceA
GetACP
SizeofResource
FreeResource
GetOEMCP
GetUserDefaultLCID
SetLastError
DeleteCriticalSection
ReadFile
FindFirstFileA
GetStringTypeA
GetLastError
InitializeCriticalSection
LocalFree
GetLocaleInfoA
GetLocalTime
GetFullPathNameA
EnterCriticalSection
SetEvent
LoadResource
MulDiv
lstrcpynA
LocalAlloc
VirtualQuery
WriteFile
GetModuleHandleA
SetEndOfFile
MoveFileA
SetHandleCount
GetCommandLineA
ExitProcess
GlobalDeleteAtom
GetProcAddress
SetErrorMode
GetFileAttributesA
RaiseException
FindClose
GetCPInfo
lstrcmpA
VirtualAlloc
GetTickCount
HeapFree
lstrcpyA
lstrcatA
GlobalFindAtomA
GetStdHandle
GetStringTypeW
SetFilePointer
ResetEvent
GetThreadLocale
EnumCalendarInfoA
WaitForSingleObject
ExitThread
FreeLibrary
CreateFileA
VirtualAllocEx
GetEnvironmentStrings
CreateThread
LoadLibraryA
GetStartupInfoA
MoveFileExA
WideCharToMultiByte
LoadLibraryExA
GetModuleFileNameA
GetFileSize
lstrlenA
GetCurrentThreadId
GetProcessHeap
GlobalAddAtomA
GetVersion
Sleep
GetCurrentProcessId
lstrcmpiA

msvcrt

log10
wcsncmp
wcscspn
wcstol
memmove
memcmp
mbstowcs
strcmp
memcpy

user32

GetPropA
GetScrollPos
CreateIcon
GetMenuItemCount
GetSubMenu
GetMenuStringA
CheckMenuItem
EnumWindows
GetKeyNameTextA
IsChild
SetTimer
GetMenuState
GetActiveWindow
CharToOemA
IsDialogMessageA
TrackPopupMenu
DeferWindowPos
GetMenuItemInfoA

Sections

CODE
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 3KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

efcbf4401a1b39a08e5013ee6c5a37dc

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

Sections

CODE Size: 190KB - Virtual size: 190KB

.tls Size: 3KB - Virtual size: 75KB

.rdata Size: 4KB - Virtual size: 3KB

CODE
Size: 190KB - Virtual size: 190KB

.tls
Size: 3KB - Virtual size: 75KB

.rdata
Size: 4KB - Virtual size: 3KB