b5e45a1ce12df09072f932b43985d951e2ca8346a0bdc48e408cfbe78d6348a7

Sharing

Copy URL Twitter E-mail

General

Target

b5e45a1ce12df09072f932b43985d951e2ca8346a0bdc48e408cfbe78d6348a7
Size

487KB
MD5

c238bb677b12943061b96df06cabb376
SHA1

73a88c2e4f2a7f5605898f91507ec98c221ad1b0
SHA256

b5e45a1ce12df09072f932b43985d951e2ca8346a0bdc48e408cfbe78d6348a7
SHA512

5a532bb0e8f6a6eeaf16041e53e097d9ad23eaf047765d1c5a11ece8e7c7fd4876e7d00ff731de29c02e6598da0d6bf1e231296dd7fd8225cff64e1fa0e40b23
SSDEEP

6144:uWvatmHtG/5TD/tCT5armqH0WDzYbR+9YUDUGpNOn/9/fuMrbQTTYHnGQUr7:baCG/5Ty5Zk0HFeztpNUhWMr8IpU

Score

N/A

Malware Config

Signatures

Files

b5e45a1ce12df09072f932b43985d951e2ca8346a0bdc48e408cfbe78d6348a7
.exe windows x86

c636a869c7677536d28a249a434cee9a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

FlushFileBuffers
GetStringTypeW
LCMapStringW
LoadResource
VirtualQueryEx
ReadFile
GlobalGetAtomNameW
GetStartupInfoW
HeapSize
TerminateProcess
VirtualProtect
IsDebuggerPresent
CompareStringW
GetSystemInfo
CreateSemaphoreA
GetModuleHandleA
GetVersionExA
AddAtomW
OpenMutexA
GetTickCount
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetLocaleInfoA
CreateMutexA
IsValidCodePage
LockFileEx
DeleteCriticalSection
ExitProcess
GetCurrentDirectoryW
QueryPerformanceCounter
EnumSystemLocalesA
SetLastError
ExpandEnvironmentStringsA
CloseHandle
HeapCreate
GetFileType
GetEnvironmentStrings
GetDateFormatA
LCMapStringA
HeapReAlloc
GetModuleFileNameA
GetTimeFormatA
GetVersionExW
HeapDestroy
GetStringTypeA
IsValidLocale
WriteConsoleOutputW
RtlUnwind
HeapAlloc
SetFileTime
InitializeCriticalSection
GetOEMCP
SetHandleCount
TlsAlloc
SetFilePointer
GlobalSize
lstrcpyA
CompareFileTime
GetUserDefaultLCID
LoadLibraryA
GetACP
VirtualAlloc
TlsFree
GetCurrentProcess
GetLocaleInfoW
WriteConsoleOutputCharacterW
WriteFile
MultiByteToWideChar
GetCurrentThread
GetStartupInfoA
GetSystemTimeAsFileTime
InterlockedExchange
SetStdHandle
TlsSetValue
GetEnvironmentStringsW
GetCommandLineA
FileTimeToSystemTime
FreeEnvironmentStringsA
GetCPInfo
LeaveCriticalSection
VirtualQuery
EnterCriticalSection
GetProcAddress
SetLocalTime
GetModuleFileNameW
TlsGetValue
UnhandledExceptionFilter
IsBadWritePtr
FreeEnvironmentStringsW
GetExitCodeThread
WideCharToMultiByte
CompareStringA
SetEnvironmentVariableA
lstrcmpiW
GetTimeZoneInformation
VirtualFree
GetCommandLineW
GetDiskFreeSpaceExA
HeapFree
GetStdHandle

user32

RegisterClassExA
RegisterClassA
IsCharUpperW

Sections

.text
Size: 334KB - Virtual size: 334KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c636a869c7677536d28a249a434cee9a

Headers

File Characteristics

Imports

comctl32

kernel32

user32

Sections

.text Size: 334KB - Virtual size: 334KB

.rdata Size: 32KB - Virtual size: 47KB

.data Size: 101KB - Virtual size: 101KB

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 334KB - Virtual size: 334KB

.rdata
Size: 32KB - Virtual size: 47KB

.data
Size: 101KB - Virtual size: 101KB

.rsrc
Size: 18KB - Virtual size: 17KB