b12dc8b8a7c35f767b22a75b6d689f3710778bda9de6664fee14b08cb7476ab8

General

Target

b12dc8b8a7c35f767b22a75b6d689f3710778bda9de6664fee14b08cb7476ab8
Size

164KB
MD5

df3caab5dc23523b8af61f8834bdbdc6
SHA1

159253c8e5d893d9b597ac49e78e5e4c83881acc
SHA256

b12dc8b8a7c35f767b22a75b6d689f3710778bda9de6664fee14b08cb7476ab8
SHA512

bfb99cb86ae9c7e1535d2e53a786941fcb6636b6a8eadefe4f5e55ad68dae9c2c2638795c7e96c3383c6bbb7228b7e2900169edfd1101c2b80ca30af4a514eae
SSDEEP

3072:ifZ0iyeMjJKK8HcPB60I84oTTuvPz2E4dstLk5Xpn8w21JTztf3:i0iEJKZ8PBW84ATuvPqKk55nO

Score

N/A

Malware Config

Signatures

Files

b12dc8b8a7c35f767b22a75b6d689f3710778bda9de6664fee14b08cb7476ab8
.exe windows x86

5a297d6e62aeb64c4c6a9b7c1cd4b871

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
WriteConsoleA
HeapFree
GetTempPathW
HeapAlloc
GetProcessHeap
GetOEMCP
GetACP
CompareStringW
CompareStringA
GetCPInfo
GetModuleHandleA
GetStartupInfoW
GetVersion
ExitProcess
WideCharToMultiByte
GetTimeZoneInformation
GetProcAddress
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
GetModuleFileNameA
VirtualAlloc
HeapReAlloc
IsBadWritePtr
LoadLibraryA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetEnvironmentVariableA

shlwapi

StrStrW

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a297d6e62aeb64c4c6a9b7c1cd4b871

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shlwapi

version

Sections

.text Size: 140KB - Virtual size: 138KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 75KB

.rsrc Size: 4KB - Virtual size: 808B

.text
Size: 140KB - Virtual size: 138KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 75KB

.rsrc
Size: 4KB - Virtual size: 808B