b4e34eabde86e6f25afcd397bf5cbb5c260dbe1164be1f93e6dc5e85cde09941

General

Target

b4e34eabde86e6f25afcd397bf5cbb5c260dbe1164be1f93e6dc5e85cde09941
Size

192KB
MD5

b8e193933ce2fb5e7d25f0c400b6cdb4
SHA1

e196bb0e55427bcbfc6e13db81dd7ce4029b1470
SHA256

b4e34eabde86e6f25afcd397bf5cbb5c260dbe1164be1f93e6dc5e85cde09941
SHA512

b8293727734110c03acf5784fd59bcfd2b31ce2e334adcc0d6ef5263584f4d79ba4328ce7ee4b7ce1e89178ee0e2dd0f384f311d9763e2aa806452debd3eab31
SSDEEP

3072:wCVc0dMJCAqc4bHmekXuchsjDx3iAwtsQHQfeZim2M3400ZYOYIiINbR8xUX8:3v+j4bHmbhsjDxyDueZiFMozOIb9Q

Score

N/A

Malware Config

Signatures

Files

b4e34eabde86e6f25afcd397bf5cbb5c260dbe1164be1f93e6dc5e85cde09941
.exe windows x86

664b0b74b8e2b33fb3729ba84cb46210

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeFormatW
InterlockedExchange
GetVolumeInformationW
GetCurrentProcessId
GetFileTime
GetModuleFileNameW
FindCloseChangeNotification
FindFirstChangeNotificationW
GetSystemTimeAsFileTime
FindNextFileW
GetCommandLineW
FindClose
FindFirstFileW
WriteConsoleA
VirtualFree
GetSystemTime
VirtualAlloc
SetEndOfFile
LoadLibraryA
GetProcAddress
CreateFileA
FlushFileBuffers
SetStdHandle
GetModuleHandleA
GetStartupInfoW
GetVersion
ExitProcess
HeapFree
GetLastError
CloseHandle
WriteFile
TerminateProcess
GetCurrentProcess
SetFilePointer
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
RtlUnwind
GetModuleFileNameA
GetStringTypeA
GetStringTypeW
HeapAlloc
HeapReAlloc
IsBadWritePtr
ReadFile

shlwapi

PathFindExtensionW
wnsprintfW
StrStrW
StrDupW
PathIsUNCW

Exports

Exports

@Bawebo@8
@Ivelovokum@8
@Yguzasovokevice@8
@Ymopojebez@8
@ynyjyfeby@8
@ytenynopuviwa@8

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 425KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

664b0b74b8e2b33fb3729ba84cb46210

Headers

File Characteristics

Imports

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 96KB - Virtual size: 425KB

.rsrc Size: 4KB - Virtual size: 824B

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 96KB - Virtual size: 425KB

.rsrc
Size: 4KB - Virtual size: 824B