b18ae8caac57be9c4c4ed02d23a4ed9a033dc265dbd91cf79263dcaa35863bcb

Sharing

Copy URL Twitter E-mail

General

Target

b18ae8caac57be9c4c4ed02d23a4ed9a033dc265dbd91cf79263dcaa35863bcb
Size

150KB
MD5

51524dadf5e5c1a8fd35f6818532d230
SHA1

d9a8e29e481d3ad6a087d2640cd036b4c05d3ca3
SHA256

b18ae8caac57be9c4c4ed02d23a4ed9a033dc265dbd91cf79263dcaa35863bcb
SHA512

494687e1131ed3ae0caad9de8635c1667eacc1796aee38fdaab94daead631534c797e969d4abb2d7d6cc6b1a8995b84c91f77734203944541f885ac32433f442
SSDEEP

1536:SbC9h9o0KHPb6Usvg7N+uRaIMyO53tbGJGccNMM+:LM/gZuRav3tMPcNMX

Score

N/A

Malware Config

Signatures

Files

b18ae8caac57be9c4c4ed02d23a4ed9a033dc265dbd91cf79263dcaa35863bcb
.exe windows x86

50f730c38556e8dbd50256db8565735d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetStringTypeW
HeapSize
GetStartupInfoA
GetThreadLocale
GetVersion
LocalAlloc
VirtualAlloc
CreateDirectoryA
GetFileAttributesA
DisableThreadLibraryCalls
FreeLibrary
LocalLock
LocalUnlock
GetFullPathNameW
LocalFree
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetConsoleOutputCP
LCMapStringA
GetEnvironmentStringsW
GetFileType
SetHandleCount
VirtualFree
IsValidLocale
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetACP
GetTimeZoneInformation
RaiseException
GetCommandLineA
IsDebuggerPresent
GetSystemInfo
LeaveCriticalSection
ExitProcess
FlushFileBuffers
WriteConsoleW
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
ReadFile
VirtualQuery
VirtualProtect
GetStartupInfoW
GetStringTypeA
HeapReAlloc
InitializeCriticalSection
EnterCriticalSection
WriteFile
LCMapStringW
MultiByteToWideChar
GetCPInfo
HeapCreate
HeapDestroy
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
DeleteCriticalSection
GetStdHandle
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
GetVersionExA
lstrcmpiA
GetAtomNameA
GetProcessHeap
HeapAlloc
HeapFree
GetModuleHandleA
CreateFileMappingA
GetFullPathNameA
GetLastError
CloseHandle
CreateFileA
InterlockedExchange
Sleep
InterlockedCompareExchange
OutputDebugStringA
RtlUnwind
QueryPerformanceCounter
UnhandledExceptionFilter
UnmapViewOfFile
MapViewOfFile
FlushViewOfFile
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
GetLocaleInfoA
RemoveDirectoryW

user32

GetKeyboardType
GetClipboardFormatNameA
GetClassLongA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen

msvcrt

_getch
tolower
exit
strchr
qsort
sscanf
isalpha
vsprintf
sprintf
toupper
strncpy
ctime
strpbrk
swprintf
strncmp
strstr
towlower
isprint
wcscpy
fprintf
free
printf
malloc
memset

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50f730c38556e8dbd50256db8565735d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

msvcrt

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 60KB - Virtual size: 59KB

.data Size: 32KB - Virtual size: 2.2MB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 60KB - Virtual size: 59KB

.data
Size: 32KB - Virtual size: 2.2MB

.rsrc
Size: 8KB - Virtual size: 4KB