f402d2c4854a7bef75ea22238ba29b080731d7fbcd168c7644bc8201962b13bd

Sharing

Copy URL

Twitter E-mail

General

Target

f402d2c4854a7bef75ea22238ba29b080731d7fbcd168c7644bc8201962b13bd
Size

168KB
MD5

6b78eabbf7f9d460ddcbc2af36bf9001
SHA1

b9bb67437360d9a2959b08da33af355d579b8952
SHA256

f402d2c4854a7bef75ea22238ba29b080731d7fbcd168c7644bc8201962b13bd
SHA512

b3f8bdf69c0a4e94b72bc2e9de72065823293da6d25aac12293dae27a3f43f36522206ebe76af9d2d6af0a35acd4a4572dd08ed892d48212352899bed394729f
SSDEEP

3072:S/Zb2zT9plWJnVRwouPQ2broqM2jordjQ6RDlSfQEjuoY5/k6UxWdW4dlRWRkrVw:qZbykRWPQPqJUrv1lSCT5bo4NWSkFl

Score

N/A

Malware Config

Signatures

Files

f402d2c4854a7bef75ea22238ba29b080731d7fbcd168c7644bc8201962b13bd
.exe windows x86

843d30db17f526aeb5397b7fb5569b13

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
CloseHandle
WaitForSingleObject
GetExitCodeProcess
GetCommandLineW
SetEndOfFile
FindResourceW
SetLastError
GetDriveTypeA
lstrcmpiW
GlobalAlloc
QueryPerformanceCounter
FreeEnvironmentStringsW
GetLocalTime
CreateFileMappingW
SetErrorMode
InterlockedCompareExchange
GetFileType
GetOEMCP
WaitForMultipleObjects
GetConsoleMode
GetFileAttributesW
GetTickCount
LoadLibraryExA
DeleteFileW
HeapDestroy
MapViewOfFile
GetCurrentDirectoryW
ResumeThread
RaiseException
GetThreadLocale
UnhandledExceptionFilter
InterlockedDecrement
GetThreadPriority
GetCurrentThreadId
LocalAlloc
GetLastError
GetProcessHeap
GetFileAttributesA
UnmapViewOfFile
HeapSize
VirtualAlloc
GetCurrentProcess
GetVersion
InitializeCriticalSection
GetModuleHandleW
GetComputerNameW
OpenEventA
GetVersionExW
TlsGetValue
CompareStringA
GetExitCodeThread
VirtualProtect
FindResourceA
ExpandEnvironmentStringsW
GetCurrentThread
GetCurrentProcessId

msvcrt

malloc
??0exception@@QAE@ABV0@@Z
realloc
__p__osver
sprintf
_wtol
__pioinfo
strtok
_finite
_ftol
rand
fprintf
_isatty
_access
__getmainargs
wcsspn
fwrite
__p__fmode
_ltoa
ctime
_stat
_chsize
exit
_lock
_initterm
fclose
_rotr
iswdigit
strncpy
fseek
_commit
srand

user32

FillRect
GetClassNameW
GetSysColor
GetDlgCtrlID
KillTimer
InsertMenuA
TrackPopupMenu
RegisterClipboardFormatW
GetDlgItemTextA
SetFocus
UnregisterClassA
GetSysColorBrush
EnableWindow
CheckRadioButton
GetCursorPos
DialogBoxParamA
ExitWindowsEx
GetWindowRect
IsWindowEnabled
RegisterWindowMessageA
RegisterClassA
GetDC
EnumChildWindows
SetWindowTextA
IsDlgButtonChecked
CharPrevW
PostQuitMessage
GetWindow
DrawTextA
MessageBeep
UpdateWindow
GetFocus
SetWindowLongW
SetMenu
GetWindowTextW
CharUpperA
GetMenu
SetWindowRgn
CharUpperW
LoadStringA
GetClientRect
ShowWindow
MessageBoxW
GetDesktopWindow
CreateWindowExW
GetActiveWindow
LoadCursorW

Sections

.text
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textbss
Size: 512B - Virtual size: 143B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbss
Size: 512B - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 512B - Virtual size: 409B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

843d30db17f526aeb5397b7fb5569b13

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

Sections

.text Size: 147KB - Virtual size: 147KB

.textbss Size: 512B - Virtual size: 143B

.textbss Size: 512B - Virtual size: 33KB

BSS Size: 512B - Virtual size: 409B

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 147KB - Virtual size: 147KB

.textbss
Size: 512B - Virtual size: 143B

.textbss
Size: 512B - Virtual size: 33KB

BSS
Size: 512B - Virtual size: 409B

.rsrc
Size: 18KB - Virtual size: 18KB