a334afee5f122879532303a787d3c37716a7b5d700abe620dfc51163fd864746

Sharing

Copy URL

Twitter E-mail

General

Target

a334afee5f122879532303a787d3c37716a7b5d700abe620dfc51163fd864746
Size

1019KB
MD5

4202a8d3b1c6a21fb43c0830dea96a35
SHA1

2712072e47ae3e8cfa3a176b4038fb1b7195b26b
SHA256

a334afee5f122879532303a787d3c37716a7b5d700abe620dfc51163fd864746
SHA512

9f3e3de82bfc39123c40d7ea087f8b700f4eccf009183d829e44879bd994cc585b95abbb8af2ee3b6672ba6a4ad57dd64fae6ee87d1526dd365cf6e5ac8e6940
SSDEEP

24576:16N75i3p/lqNxDekBMQJhArtxve0DXseZ:QF5i3pwNxoQJhYt5Br

Score

N/A

Malware Config

Signatures

Files

a334afee5f122879532303a787d3c37716a7b5d700abe620dfc51163fd864746
.dll windows x86

1669a852bb9fb9b6682faca26213f731

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32 kernel32

GetLastError Ա

kernel32

GetLastError
VirtualFree
VirtualQuery
VirtualAlloc
SetLastError
GetFileSize
GetModuleFileNameA
OpenFileMappingA
lstrlenA
LoadLibraryA
VirtualProtectEx
VirtualProtect
OpenProcess
TerminateProcess
GetModuleHandleA
GetProcAddress
CreateFileA
CreateFileMappingA
CloseHandle
MapViewOfFile
UnmapViewOfFile
Sleep
lstrcpyA
CreateToolhelp32Snapshot
Thread32First
Thread32Next
DeleteFileA
GetComputerNameA
InterlockedExchange
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
CreateThread
GetCurrentThreadId
TlsSetValue
TlsGetValue
ExitThread
ExitProcess
GetCurrentProcess
GetCommandLineA
GetVersion
HeapReAlloc
HeapSize
TlsAlloc
TlsFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
IsBadWritePtr
ReadFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
WriteFile
UnhandledExceptionFilter
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
MultiByteToWideChar

user32

PostMessageA
wsprintfA
AttachThreadInput
UpdateWindow
GetWindowThreadProcessId
EndDialog
MoveWindow
ShowWindow
GetDesktopWindow
DialogBoxParamA
UnregisterHotKey
RegisterHotKey
SetTimer
KillTimer

msvcrt

_access
_strlwr
fputwc
ungetwc
fgetwc
isdigit
isalpha
rename

iphlpapi

GetAdaptersInfo

shell32

SHGetFolderPathA

Exports

Exports

A
A1
A2
A3
AA
AX
CRS

Sections

.text
Size: 552KB - Virtual size: 552KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 15KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 447KB - Virtual size: 448KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1669a852bb9fb9b6682faca26213f731

Headers

File Characteristics

Imports

kernel32 kernel32

kernel32

user32

msvcrt

iphlpapi

shell32

Exports

Exports

Sections

.text Size: 552KB - Virtual size: 552KB

Size: 15KB - Virtual size: 20KB

Size: 447KB - Virtual size: 448KB

Size: 512B - Virtual size: 4KB

Size: 4KB - Virtual size: 4KB

.text
Size: 552KB - Virtual size: 552KB