8f0be393d4032e1e3e317df91a880b5612e592fb02f8c1ac9672129b729ae87e

Sharing

Copy URL Twitter E-mail

General

Target

8f0be393d4032e1e3e317df91a880b5612e592fb02f8c1ac9672129b729ae87e
Size

838KB
MD5

5e128533a8c09c54a0dd458b75e2e909
SHA1

63cedebf274cbcd5da781387568c3b8175e4e311
SHA256

8f0be393d4032e1e3e317df91a880b5612e592fb02f8c1ac9672129b729ae87e
SHA512

b00d5f18c4b64643bfa56cb394ce419d08b6c34e8051a00c6e290c98ebb59f9ea562fec4502b1ba406d13319550f3144460189f9b709b82d736791b6b1a85927
SSDEEP

12288:5fEoQ9WtMNhzyToHrzi5ATzHzleLKa3wieICqdpv/WQN0tS4VUjRgtDci7qi9T0:5AnzykzcAT3Iepiys/X4V5DnP

Score

N/A

Malware Config

Signatures

Files

8f0be393d4032e1e3e317df91a880b5612e592fb02f8c1ac9672129b729ae87e
.exe windows x86

011f0e2db2bd7c8a373b6540704d36f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
CompareStringW
LCMapStringW
ExpandEnvironmentStringsA
RtlUnwind
GetTimeFormatA
VirtualFree
GetCurrentProcess
GetStartupInfoA
VirtualAlloc
SetEnvironmentVariableA
IsValidLocale
HeapReAlloc
GetLastError
GetProfileSectionW
GetFileType
FreeEnvironmentStringsW
MultiByteToWideChar
GetModuleFileNameA
GetCPInfo
GetSystemInfo
ExitProcess
GetDateFormatA
GetStringTypeW
GetVersionExA
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetStdHandle
FreeEnvironmentStringsA
HeapSize
QueryPerformanceCounter
GetSystemDefaultLCID
TlsFree
SetCriticalSectionSpinCount
TlsAlloc
VirtualProtect
EnumSystemLocalesA
HeapAlloc
GetLocaleInfoW
HeapFree
WaitForDebugEvent
SetHandleCount
GetCurrentProcessId
SetFileTime
GetTimeZoneInformation
GetStringTypeA
TlsSetValue
HeapDestroy
EnterCriticalSection
GetEnvironmentStrings
GetUserDefaultLCID
GetACP
IsValidCodePage
TlsGetValue
CommConfigDialogA
LoadLibraryW
GetModuleHandleA
WriteFile
GetCurrentThread
GetPrivateProfileSectionW
GetLogicalDrives
SetLastError
CreateFileW
WriteProfileStringW
DeleteCriticalSection
HeapCreate
GetProcAddress
GetEnvironmentStringsW
GetLocaleInfoA
CompareStringA
LCMapStringA
InterlockedExchange
InitializeCriticalSection
TerminateProcess
GetOEMCP
VirtualQuery
WideCharToMultiByte
UnhandledExceptionFilter
lstrcpy
LeaveCriticalSection
GetCurrentThreadId
IsBadWritePtr

gdi32

PolyBezier
GetObjectType
CreateDIBPatternBrushPt
FillPath
PlayEnhMetaFile
GetICMProfileW
CreatePen
SetFontEnumeration
CreateEnhMetaFileA
GetFontLanguageInfo
GetGlyphOutlineW

advapi32

LookupPrivilegeValueW
RegDeleteValueW
CryptDeriveKey
RegNotifyChangeKeyValue
CryptSetProviderExW
RegDeleteKeyA
CryptAcquireContextA
CryptGetDefaultProviderW
CryptContextAddRef
RegConnectRegistryA
RegEnumKeyExA

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 716KB - Virtual size: 720KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

011f0e2db2bd7c8a373b6540704d36f6

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

Sections

.text Size: 114KB - Virtual size: 114KB

.data Size: 716KB - Virtual size: 720KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 114KB - Virtual size: 114KB

.data
Size: 716KB - Virtual size: 720KB

.rsrc
Size: 6KB - Virtual size: 5KB