a80bcebfa89e55c4ec6ec8bb8ee6d4a06006addfe83255931e90dfe4d4b1d5b8

Sharing

Copy URL Twitter E-mail

General

Target

a80bcebfa89e55c4ec6ec8bb8ee6d4a06006addfe83255931e90dfe4d4b1d5b8
Size

2.0MB
MD5

0ec6c2f807feaaa5bf2a4890d44911e3
SHA1

31af158ba094238300d3cbf88321f7c34b264feb
SHA256

a80bcebfa89e55c4ec6ec8bb8ee6d4a06006addfe83255931e90dfe4d4b1d5b8
SHA512

1970d0d6be667c5d7a622ceee7648f2119add2fb807c72257b0977f26972fd3c6f293416744425839fc8d8bc2476bdf288ad50380804c773aac6387cfae2be87
SSDEEP

49152:5dYElHP4lpjcgEr2Ihnm3cISrpKhdXFKJaxMxgawjLGOE:LYElHwLjcgjIlJDstzxMa5E

Score

N/A

Malware Config

Signatures

Files

a80bcebfa89e55c4ec6ec8bb8ee6d4a06006addfe83255931e90dfe4d4b1d5b8
.exe windows x86

ab97efa225023c0e94632098dbef4f2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtOpenFile
RtlOpenCurrentUser
RtlUnicodeStringToOemString
NtWaitForSingleObject
NtCreateFile
RtlCopySid

version

VerQueryValueA
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoA
GetFileVersionInfoSizeW

kernel32

GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleA
GetCommandLineA
EnterCriticalSection
VirtualAlloc
GetCurrentProcess
LoadLibraryA
VirtualFree
InterlockedDecrement
ExitProcess
CreateThread
GetExitCodeProcess
GetCurrentProcess
GetModuleHandleA
GetFullPathNameW
VirtualFree
ExitProcess
GetCommandLineA
GetCurrentProcessId
VirtualAlloc
CreateToolhelp32Snapshot

msvcrt

_initterm
wcscmp
_CxxThrowException
_exit
_cexit
__dllonexit
wcsrchr
_wcsnicmp
malloc
_vsnprintf
memmove

gdi32

IntersectClipRect
GetPaletteEntries
AngleArc
CreateFontW
SetViewportOrgEx
LineTo
CreateFontIndirectA
AngleArc
GetPaletteEntries
CombineRgn
DeleteObject
SelectPalette
CreatePen
RealizePalette

Sections

.code
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 980KB - Virtual size: 6.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 944KB - Virtual size: 946KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab97efa225023c0e94632098dbef4f2f

Headers

File Characteristics

Imports

ntdll

version

kernel32

msvcrt

gdi32

Sections

.code Size: 7KB - Virtual size: 8KB

.data Size: 68KB - Virtual size: 69KB

.rdata Size: 980KB - Virtual size: 6.4MB

.idata Size: 944KB - Virtual size: 946KB

.edata Size: 10KB - Virtual size: 10KB

.rsrc Size: 71KB - Virtual size: 71KB

.code
Size: 7KB - Virtual size: 8KB

.data
Size: 68KB - Virtual size: 69KB

.rdata
Size: 980KB - Virtual size: 6.4MB

.idata
Size: 944KB - Virtual size: 946KB

.edata
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 71KB - Virtual size: 71KB