bdabc2e32876bced9784607d7a42d6a7ba98b5b6f332e0eaa38db643c61565c8

Sharing

Copy URL Twitter E-mail

General

Target

bdabc2e32876bced9784607d7a42d6a7ba98b5b6f332e0eaa38db643c61565c8
Size

820KB
MD5

9e087db1ef41fb148c5fddcee292b4c4
SHA1

730895ca52eb53b8ca96f5beeb4944bf2615b608
SHA256

bdabc2e32876bced9784607d7a42d6a7ba98b5b6f332e0eaa38db643c61565c8
SHA512

0be12cf8bbbdbc83a27778256b06748e90a1a8db4d46669ddc08ca5f9bff4c20c5cf40c45969e86bb1fd74c7f7243377286221b508c3efdf9f895dec135924a9
SSDEEP

12288:GveroXcqwkR1Eef2btvx2mwtASebdn1XC2OwsD3tFTM8O:GG1kQef2btvx2mwtASebdn1BOJzfI8O

Score

N/A

Malware Config

Signatures

Files

bdabc2e32876bced9784607d7a42d6a7ba98b5b6f332e0eaa38db643c61565c8
.exe windows x86

2af60d448d92e5f04428377508b96f48

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
WaitForSingleObject
GetCommandLineA
GetSystemTime
GetConsoleMode
WriteConsoleA
GetFileAttributesA
GetFileType
GetLastError
WriteFile
Sleep
InterlockedExchange
CloseHandle
TlsFree
TlsGetValue
DuplicateHandle
GetCurrentThread
GetCurrentProcess
TlsSetValue
TlsAlloc
SetFilePointer
GetStdHandle
SetEndOfFile
IsDebuggerPresent
RaiseException
FormatMessageA
GetModuleHandleA
GetProcAddress
LoadLibraryA
GetFileInformationByHandle
GetTempFileNameA
GetTempPathA
GetFullPathNameA
ReadFile
CreateMutexA
GetCurrentThreadId
ReleaseMutex
VirtualAlloc
VirtualFree
SetLastError
DeleteFileA
GetVersionExA
SetThreadPriority
CreateProcessA
GetACP
SetErrorMode
SetConsoleCtrlHandler
FlushFileBuffers
HeapFree
HeapAlloc
GetProcessHeap
ExitProcess
ExitThread
ResumeThread
CreateThread
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
MultiByteToWideChar
SetStdHandle
HeapReAlloc
GetCurrentProcessId
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
HeapDestroy
HeapCreate
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
InitializeCriticalSection
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
SetEnvironmentVariableA
RtlUnwind
HeapSize
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetLocaleInfoA
CompareStringA
CompareStringW
GetExitCodeProcess
GetConsoleOutputCP
WriteConsoleW
VirtualQuery

imagehlp

SymInitialize
StackWalk
SymCleanup

user32

MessageBoxA

Sections

.text
Size: 648KB - Virtual size: 646KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 634KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2af60d448d92e5f04428377508b96f48

Headers

File Characteristics

Imports

kernel32

imagehlp

user32

Sections

.text Size: 648KB - Virtual size: 646KB

.rdata Size: 56KB - Virtual size: 54KB

.data Size: 32KB - Virtual size: 634KB

_RDATA Size: 28KB - Virtual size: 24KB

.rsrc Size: 52KB - Virtual size: 52KB

.text
Size: 648KB - Virtual size: 646KB

.rdata
Size: 56KB - Virtual size: 54KB

.data
Size: 32KB - Virtual size: 634KB

_RDATA
Size: 28KB - Virtual size: 24KB

.rsrc
Size: 52KB - Virtual size: 52KB