78908b4183e22a43a120884c327e163eae27c176c3b091034b73c779e52d70f6

General

Target

78908b4183e22a43a120884c327e163eae27c176c3b091034b73c779e52d70f6
Size

540KB
MD5

e0952e579db5542477d206742e25f9fa
SHA1

72a650d2e69040c387722e1901129b1090c37b13
SHA256

78908b4183e22a43a120884c327e163eae27c176c3b091034b73c779e52d70f6
SHA512

b8a18a49304f70d95a24e2a8557a64ab9fd5da17df0062572a81cd8f6c9e3dde8b8a2348403a72d4ae8b87f5c1521eefa818b4e61587f19485fe4cd7d46358f3
SSDEEP

12288:Kr+n4sHDC7MruX/H4OSEvAHrhJQ0MuB9ypVHhAYbCmvFfCoS:KanzXaH4OSE4Hr9ypVHOu5p

Score

N/A

Malware Config

Signatures

Files

78908b4183e22a43a120884c327e163eae27c176c3b091034b73c779e52d70f6
.exe windows x86

fcb9489cac01df4a0e8a2bea838e3891

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
IsBadReadPtr
GetModuleFileNameA
CloseHandle
WriteFile
CreateFileA
WaitForSingleObject
CreateProcessA
HeapReAlloc
GetTickCount
FreeLibrary
GetProcAddress
LoadLibraryA
HeapAlloc
ExitProcess
GetModuleHandleA
GetProcessHeap
RtlMoveMemory
GetStartupInfoA
lstrcpyn
GetCommandLineA
GetVersion
InterlockedDecrement
InterlockedIncrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
LCMapStringA
LCMapStringW
RaiseException
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
SetFilePointer
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers

user32

MessageBoxA
wsprintfA

advapi32

CryptDestroyHash
CryptHashData
CryptReleaseContext
CryptCreateHash
CryptAcquireContextA
CryptGetHashParam

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 480KB - Virtual size: 484KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fcb9489cac01df4a0e8a2bea838e3891

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 480KB - Virtual size: 484KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 480KB - Virtual size: 484KB