c5eff8bfb608687408a8ac640e9c431600b1fc5356532514c4fc9893e01de01b

Sharing

Copy URL Twitter E-mail

General

Target

c5eff8bfb608687408a8ac640e9c431600b1fc5356532514c4fc9893e01de01b
Size

251KB
MD5

1ca02e764faea747c93256835d7e3fd5
SHA1

2b82a5013aa0c8faf7c8abddc11b84fa3306b3b4
SHA256

c5eff8bfb608687408a8ac640e9c431600b1fc5356532514c4fc9893e01de01b
SHA512

9b729d31a380981b530693401f918e924c04de43cce0c7d97dffc5dfbe5eba1a2eabbee66863b1c9aa6312ed7e83362487a7b4e47257c23ca853f25c13b8a963
SSDEEP

6144:Q/nTcyxLPZfdlqVbXEwQpGNE/MRjp56LIDlDqDjonOjTQwBM/:knTdLPZfdUtXEojCUjnS0b/

Score

N/A

Malware Config

Signatures

Files

c5eff8bfb608687408a8ac640e9c431600b1fc5356532514c4fc9893e01de01b
.exe windows x86

a94794beded0595a50bd05fa17a4be3b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
CreateProcessA
LoadLibraryA
LCMapStringW
IsValidCodePage
GetOEMCP
CloseHandle
CompareStringW
SetEnvironmentVariableA
FlushFileBuffers
GetExitCodeProcess
GetProcAddress
GetLastError
GetTickCount
GetCurrentProcess
HeapAlloc
WaitForSingleObject
ExitProcess
HeapSize
CreateDirectoryA
RemoveDirectoryA
HeapReAlloc
GetModuleHandleW
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetStdHandle
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetFileType
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
IsProcessorFeaturePresent
CreateFileA
CreateFileW
GetStdHandle
GetModuleFileNameW
HeapCreate
EncodePointer
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetFileAttributesA
DeleteCriticalSection
LoadLibraryW
SetHandleCount
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteConsoleW
MultiByteToWideChar
SetFilePointer
RtlUnwind
SetEndOfFile
GetProcessHeap
ReadFile
GetCPInfo
GetACP

user32

GetPropA
LoadMenuA
EnumWindows
GetDC
GetMenu
MessageBoxA
GetSysColor
CreatePopupMenu
AppendMenuA
GetSystemMetrics
UpdateWindow
FindWindowA

gdi32

TextOutA
ExtFloodFill
SetPixel
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetStockObject
CreateSolidBrush

advapi32

SetEntriesInAclA

comctl32

ord17

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 153KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a94794beded0595a50bd05fa17a4be3b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 153KB - Virtual size: 178KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 153KB - Virtual size: 178KB

.rsrc
Size: 1KB - Virtual size: 1KB