a633048b53da5d901473249d224644366a4b7f65269205437010164fe4db29c1

Sharing

Copy URL Twitter E-mail

General

Target

a633048b53da5d901473249d224644366a4b7f65269205437010164fe4db29c1
Size

810KB
MD5

513f4169621bdbfc0419201c6a4b560e
SHA1

dc5281d2331991f0cb95ae1b5b05d50ea4355dde
SHA256

a633048b53da5d901473249d224644366a4b7f65269205437010164fe4db29c1
SHA512

a88a6337ce42a764e2e524cafe0a21490bed2814b5636fdb32ee836c5e18974e32d4658715cc589de3dbd0db4abe25e6fd33639bf3134d358646bc22e734eb13
SSDEEP

12288:LLuqHMnsobOiu6Tsk1Y42lLOE8MOxWGuQusg5MsRr7gxn:LCHbOnev1Y4iOE8Lt1uJ7RPg

Score

N/A

Malware Config

Signatures

Files

a633048b53da5d901473249d224644366a4b7f65269205437010164fe4db29c1
.exe windows x86

c8987b99c1400ee1b2f22927c863dcc0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
HeapAlloc
CreateEventW
LocalAlloc
LeaveCriticalSection
HeapAlloc
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetTickCount
lstrlenA
UnhandledExceptionFilter
GetProcessHeap
VirtualProtect
GetSystemTimeAsFileTime
InitializeCriticalSection
GetProcAddress
GetModuleHandleA
ReadFile
InterlockedExchange
lstrlenA
GetModuleFileNameA
DisableThreadLibraryCalls
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetProcAddress
GetVersionExA
EnterCriticalSection
LocalAlloc
GetCurrentProcessId
LeaveCriticalSection
InitializeCriticalSection
Sleep
FreeLibrary
VirtualProtect
GetCurrentThreadId
InterlockedCompareExchange
GetCurrentProcessId
GetCurrentProcess
GetVersionExA
GetVersionExA
HeapFree
GetModuleHandleW
LocalAlloc
Sleep
lstrlenA
Sleep
GetModuleHandleW
CreateEventW
HeapAlloc
GetProcAddress
InterlockedIncrement
lstrcmpiW
VirtualProtect
LeaveCriticalSection
GetSystemTimeAsFileTime
lstrcmpiW
HeapDestroy
HeapFree
Sleep
GetCurrentProcessId
CreateFileW
UnhandledExceptionFilter
HeapFree
Sleep
DisableThreadLibraryCalls
MultiByteToWideChar
Sleep
LoadLibraryW
HeapFree
lstrlenA
lstrcmpiW
VirtualProtect
ReadFile
CreateThread
DeleteCriticalSection
InterlockedIncrement
LocalFree
HeapFree
LocalFree
DeleteCriticalSection
GetModuleFileNameA
HeapAlloc
LocalFree
CreateEventW
InterlockedDecrement
QueryPerformanceCounter

user32

LoadCursorW
IsWindow
EnableWindow
TranslateMessage
SetDlgItemTextW
DefWindowProcW
BeginPaint
LoadIconW
InvalidateRect
SetFocus
BeginPaint
SetWindowLongW
PostQuitMessage
SetCursor
GetFocus
GetClientRect
LoadStringW
GetDC
BeginPaint
DefWindowProcW
GetSysColor
GetDesktopWindow
GetDC
ShowWindow
ShowWindow
LoadStringW
InvalidateRect
DispatchMessageW
GetFocus
BeginPaint
PostMessageW
SetFocus
wsprintfA
InvalidateRect
GetClientRect
GetWindowLongW
SetWindowTextW
SetCursor
DefWindowProcW
SetTimer
BeginPaint
InvalidateRect
PostMessageW
PeekMessageW
TranslateMessage
SetTimer
PeekMessageW
LoadCursorW
SetCursor
EndDialog
EndPaint
BeginPaint
EndPaint
IsWindow
PeekMessageW
KillTimer
ShowWindow
EnableWindow
GetDesktopWindow
CharNextW
SetFocus
EndPaint
GetFocus
LoadCursorW
PostQuitMessage
PeekMessageW
SetCursor
PeekMessageW
PostQuitMessage
KillTimer
GetSysColor
CharNextW
GetFocus
SetFocus
DefWindowProcW
CharNextW
SendMessageW
DestroyWindow
GetFocus
BeginPaint
DefWindowProcW
PeekMessageW
ShowWindow
PostQuitMessage
GetDC
DestroyWindow
PeekMessageW

Sections

.text
Size: 722KB - Virtual size: 976KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 82KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c8987b99c1400ee1b2f22927c863dcc0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 722KB - Virtual size: 976KB

.rdata Size: 4KB - Virtual size: 8KB

.pdata Size: - Virtual size: 4KB

.rsrc Size: 82KB - Virtual size: 84KB

.text
Size: 722KB - Virtual size: 976KB

.rdata
Size: 4KB - Virtual size: 8KB

.pdata
Size: - Virtual size: 4KB

.rsrc
Size: 82KB - Virtual size: 84KB