177d13f17d3a9543f8d63dff0e88fea9677cd3e9839c49d731903d28f20602f0

General

Target

177d13f17d3a9543f8d63dff0e88fea9677cd3e9839c49d731903d28f20602f0
Size

113KB
MD5

6f25546a1b7ca42bafe398ea3be534d5
SHA1

e21aff0b1c5e83e9fece71d700a0dccebbcea21b
SHA256

177d13f17d3a9543f8d63dff0e88fea9677cd3e9839c49d731903d28f20602f0
SHA512

d136d783c12deacfe2a05c81e05e6129c164707f0f597d8f4f7a97c581f4ad0c12b2195a98e995ecae4f5bf09ccd2d16eb1eb27ced647456d416685bc10eed92
SSDEEP

1536:t7RyCvJ0VymyNKfGQ3iM5Fcn8d86VLIaQn4dsOjjkoT+RN0vONk9yYaL6pcK+rov:t7tpQOWck8IRdtjANkcFwct2X

Score

N/A

Malware Config

Signatures

Files

177d13f17d3a9543f8d63dff0e88fea9677cd3e9839c49d731903d28f20602f0
.exe windows x86

85d45eb5ab38167e1ee1fa4b55f420a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

memset
memcmp
memcpy
_strcmpi
_strlwr

msvcrt

vsprintf
strlen
wcscpy
wcscat
free
strstr
malloc
??3@YAXPAX@Z
??2@YAPAXI@Z
strcpy

kernel32

GetProcessHeap
HeapFree
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
WriteFile
SetFileTime
GetCurrentProcess
DuplicateHandle
CreateFileW
CreateFileA
GetModuleHandleA
FindResourceA
LoadResource
LockResource
SizeofResource
GetCurrentDirectoryA
CreateDirectoryW
CreateDirectoryA
GetLastError
lstrcpyA
lstrlenA
LocalFileTimeToFileTime
lstrcmpA
ReadFile
SetFilePointer
GlobalFree
GlobalAlloc
SystemTimeToFileTime
GetWindowsDirectoryA
MultiByteToWideChar
lstrcmpiA
FreeLibrary
VirtualFree
IsBadReadPtr
LoadLibraryA
EnumTimeFormatsA
CloseHandle
GetLocalTime
SetThreadAffinityMask
ExitProcess
GetVersionExA
GetModuleFileNameA
GetProcAddress
VirtualAlloc
VirtualProtect
HeapAlloc

user32

PeekMessageA
SetWindowTextA
CloseWindow
DialogBoxParamA
ShowWindow
SendMessageA

gdi32

CreateBitmap

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85d45eb5ab38167e1ee1fa4b55f420a5

Headers

File Characteristics

Imports

ntdll

msvcrt

kernel32

user32

gdi32

Sections

.text Size: 27KB - Virtual size: 27KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 76KB - Virtual size: 76KB

.rsrc Size: 512B - Virtual size: 372B

.text
Size: 27KB - Virtual size: 27KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 76KB - Virtual size: 76KB

.rsrc
Size: 512B - Virtual size: 372B