d20df60f0c6d4d064093951bb6ed32372c1f0cf60ecb045f737c8b0fa68de878

General

Target

d20df60f0c6d4d064093951bb6ed32372c1f0cf60ecb045f737c8b0fa68de878
Size

191KB
MD5

5dbb3c605db31f532010dfd4236cba87
SHA1

3f6badf36f9729aecc2e94145936d7bb81c11d3a
SHA256

d20df60f0c6d4d064093951bb6ed32372c1f0cf60ecb045f737c8b0fa68de878
SHA512

c7dacde5cf7c7b8f9f5b9a8d9d8455c050bcb732bf9bfeec78924d2bd44ef56ca7e7b21f129422d35576f451bf0eea47f57d573db8d46d91a911ff6144c6a15f
SSDEEP

3072:VqsRCxdBiwkccLGzRdsR0Ee46vdO8qn/JVkMW9mPfBAitgeRBD/DJqCN:osRAcbryRw0EhYWHBAct/99

Score

N/A

Malware Config

Signatures

Files

d20df60f0c6d4d064093951bb6ed32372c1f0cf60ecb045f737c8b0fa68de878
.exe windows x86

b4c8addb69819b0ac62c4d3cc8be7671

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalReAlloc
EnumSystemCodePagesA
CreateNamedPipeW
CompareStringW
IsBadCodePtr
WaitForDebugEvent
GetShortPathNameW
GetStringTypeW
GetVolumeNameForVolumeMountPointW
OpenSemaphoreA
GetModuleHandleW
ExitProcess
Process32First
DisconnectNamedPipe
ReadConsoleOutputW
MoveFileWithProgressW
UnlockFile
GetDateFormatA
QueryInformationJobObject
CreateDirectoryA
FindFirstVolumeW
GetModuleHandleA
RaiseException
FlushFileBuffers
LoadLibraryA
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
SetStdHandle
ReadFile
GetProcAddress
HeapAlloc
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
CloseHandle
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetLastError
MultiByteToWideChar
GetStartupInfoA
GetCommandLineA
GetVersion
WideCharToMultiByte
GetStringTypeA
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
SetFilePointer
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
GetModuleFileNameA

user32

CharPrevW
GetOpenClipboardWindow
CreateIconFromResourceEx
CallWindowProcW
IsZoomed
WaitMessage
MonitorFromWindow
CheckRadioButton
CopyRect
GetKeyboardLayoutNameW
SetWindowLongA
ToAsciiEx
GetMessageA
GetTopWindow
EnumWindowStationsW
UpdateWindow
LoadBitmapA
GetAncestor
CreateIconIndirect
UnregisterClassA
RegisterWindowMessageA
CallMsgFilterW
MessageBeep

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b4c8addb69819b0ac62c4d3cc8be7671

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 164KB - Virtual size: 163KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 18KB - Virtual size: 59KB

.text
Size: 164KB - Virtual size: 163KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 18KB - Virtual size: 59KB