b66488500e34f225d30eda81d28808dfb24370f8acc7b51eeb667b606beb5bc1

Sharing

Copy URL Twitter E-mail

General

Target

b66488500e34f225d30eda81d28808dfb24370f8acc7b51eeb667b606beb5bc1
Size

988KB
MD5

8575e96bacb35a737b9d9736c4dc292d
SHA1

15515ea2c0b644745b30e67793fd6f46b33d93d1
SHA256

b66488500e34f225d30eda81d28808dfb24370f8acc7b51eeb667b606beb5bc1
SHA512

c7d7ba406022f66c59e8c43e92c5478837a8388696be6757dbde3c0cec230f3df9b1f85e9d3caf9d6cd2da45ca8b0c5cab6a4ffcb28514204df77165e925f649
SSDEEP

12288:5S+PbK6ZW6dC5xqOoUl5r6ns80/+U+2iBXTw:5BZW6dC5xql8r6ns8AnKZT

Score

N/A

Malware Config

Signatures

Files

b66488500e34f225d30eda81d28808dfb24370f8acc7b51eeb667b606beb5bc1
.exe windows x86

f6b3588b94ed5e82445f83f02e05f4e4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetExitCodeThread
GetPriorityClass
GetThreadTimes
GetThreadPriority
GetEnvironmentStrings
GetProcessVersion
GetFileAttributesA
FindFirstFileA
GetFileSize
CreateFileA
lstrlenA
ExitProcess
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
EnterCriticalSection
LeaveCriticalSection
HeapFree
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
GetProcAddress
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetProcessHeap
DeleteCriticalSection
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
RaiseException
InitializeCriticalSection
FatalAppExitA
ReadFile
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
FlushFileBuffers
SetStdHandle
SetFilePointer
SetConsoleCtrlHandler
LCMapStringA
LCMapStringW
CloseHandle
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapAlloc
GetFileType
VirtualAlloc

user32

RegisterClassA
GetWindow
IsIconic
IsWindowVisible
CloseWindow
GetWindowTextLengthA
MoveWindow
GetTitleBarInfo
GetParent
AnimateWindow
GetWindowRect
DefWindowProcA
PostQuitMessage
CreateWindowExA

advapi32

RegLoadKeyA
RegCloseKey

Sections

.zenc
Size: 420KB - Virtual size: 416KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 232KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 292KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6b3588b94ed5e82445f83f02e05f4e4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.zenc Size: 420KB - Virtual size: 416KB

.text Size: 232KB - Virtual size: 228KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 292KB - Virtual size: 299KB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 12KB - Virtual size: 10KB

.zenc
Size: 420KB - Virtual size: 416KB

.text
Size: 232KB - Virtual size: 228KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 292KB - Virtual size: 299KB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 12KB - Virtual size: 10KB