504c105c763690c4eddee21fefec61464eb86643d150682ace69c09aa61d529c

Sharing

Copy URL Twitter E-mail

General

Target

504c105c763690c4eddee21fefec61464eb86643d150682ace69c09aa61d529c
Size

95KB
MD5

51f39bf7f1f30911b6bd1837dba07410
SHA1

b1fc9113643d7804f9a37ae110d4cae4cef85597
SHA256

504c105c763690c4eddee21fefec61464eb86643d150682ace69c09aa61d529c
SHA512

b9c452ea65c7d623bee1066cac2c86113b083999efe469384ac16a076701ab376d60e21686491a73ce90e62a7fb9e30a58432ba67f36f7c78339d07038523093
SSDEEP

1536:23Ml6reBmbnwvZST0+YXTOqpR2JWgzx4QsOSnwuiD5qCJsVQTd+uG:4eBmjwvZ1DXH3ghs1wuq/JSQ8uG

Score

N/A

Malware Config

Signatures

Files

504c105c763690c4eddee21fefec61464eb86643d150682ace69c09aa61d529c
.exe windows x86

30bdf2898467a8e90b06f7b6dd96fd14

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UnionRect
SystemParametersInfoA
SetMenuDefaultItem
PackDDElParam
TrackMouseEvent
GetMessageTime
EnumWindows
CheckMenuRadioItem
ScrollDC
SendMessageCallbackW

shell32

DragQueryFileW
DoEnvironmentSubstW
ExtractIconA
Shell_NotifyIconA
DuplicateIcon
ExtractAssociatedIconA
ExtractIconExW

gdi32

AddFontResourceExW
AddFontMemResourceEx
CreateColorSpaceA
AbortDoc
CloseMetaFile

mpr

WNetGetProviderNameW
WNetDisconnectDialog
WNetGetLastErrorW
WNetEnumResourceW
WNetGetProviderNameA

kernel32

HeapReAlloc
HeapAlloc
LoadLibraryW
HeapFree
CreateFileW
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
SetFilePointer
MultiByteToWideChar
CloseHandle
GetStringTypeW
LCMapStringW
HeapSize
IsValidCodePage
GetFileType
WriteConsoleW
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
LocalFlags
GetCPInfoExW
CreateRemoteThread
VirtualFree
GetCommProperties
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetLastError
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetProcAddress
ExitProcess
SetHandleCount
GetStdHandle
DeleteCriticalSection
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30bdf2898467a8e90b06f7b6dd96fd14

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

gdi32

mpr

kernel32

Sections

.text Size: 21KB - Virtual size: 21KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 3KB - Virtual size: 16KB

.rsrc Size: 86KB - Virtual size: 86KB

.text
Size: 21KB - Virtual size: 21KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 3KB - Virtual size: 16KB

.rsrc
Size: 86KB - Virtual size: 86KB