beb04ed54394ac9ef48e9496208747f11ceb69d1e62d2d0cf9150b9c3b505c2d

General

Target

beb04ed54394ac9ef48e9496208747f11ceb69d1e62d2d0cf9150b9c3b505c2d
Size

158KB
MD5

22b04afe099bfd705aae99870f7cb023
SHA1

6138032d0baad397ce817263faca7cc5faa3a634
SHA256

beb04ed54394ac9ef48e9496208747f11ceb69d1e62d2d0cf9150b9c3b505c2d
SHA512

7c8d83b45817c15998cf3f8e2e889e2b60d46f3f2ebdb940ce77d57ff100b5af1bcc3d5a27aabb0239153d1d9a967f877c060bfb1976b731c66793168eea01a9
SSDEEP

3072:2mHg/KYF7dRAD6nj6ZD62NzEke25TZepnjoLz3M+ehUgsI3lHqaWwKlXXS+EJ/42:3HiRFe6njmzTe25TuELz3HGuUKaJK1i9

Score

N/A

Malware Config

Signatures

Files

beb04ed54394ac9ef48e9496208747f11ceb69d1e62d2d0cf9150b9c3b505c2d
.exe windows x86

d05e195e4b90e59a0106fdfef7449f9e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msi

ord195

user32

GetParent
IsIconic
IsChild
AnyPopup
GetDesktopWindow

kernel32

GetLastError
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
GetCurrentThread
CreateEventA
GetStdHandle
GetModuleHandleA
VirtualAlloc
GetCurrentProcessId
GetVersionExA
GetCommandLineA
GetEnvironmentStrings
GetStartupInfoA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetEnvironmentVariableA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
HeapReAlloc
IsBadWritePtr
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
Sleep
IsValidLocale
IsValidCodePage

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d05e195e4b90e59a0106fdfef7449f9e

Headers

DLL Characteristics

File Characteristics

Imports

msi

user32

kernel32

Sections

.text Size: 39KB - Virtual size: 38KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 111KB - Virtual size: 197KB

.rsrc Size: 1024B - Virtual size: 648B

.text
Size: 39KB - Virtual size: 38KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 111KB - Virtual size: 197KB

.rsrc
Size: 1024B - Virtual size: 648B