948971c48df62afad6ea08f58c309e1491f3f393cef6d504157a6f50887b6d64

Sharing

Copy URL

Twitter E-mail

General

Target

948971c48df62afad6ea08f58c309e1491f3f393cef6d504157a6f50887b6d64
Size

32KB
MD5

54a8047a92492d8a7660973deb426804
SHA1

47bf4ca4b6a777ce1e0f5e61f531e7f925d17137
SHA256

948971c48df62afad6ea08f58c309e1491f3f393cef6d504157a6f50887b6d64
SHA512

b486f69c6748c92c32450317905eeb50fe6d50b9261e1bd87d8d8f3963df15423917e2a6b4134b660f33908c2c482962ed70357439ffe436f0dfad082c9405a1
SSDEEP

768:v2e2FExMcHD9OCqN1NcdQwQXl017ZIsjlm:HZHJOCwcQZolm

Score

N/A

Malware Config

Signatures

Files

948971c48df62afad6ea08f58c309e1491f3f393cef6d504157a6f50887b6d64
.exe windows x86

c84211ad7b003bbbed0925de661dde9e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dnsapi

DnsRecordListFree
DnsQuery_A

wininet

InternetCheckConnectionA

kernel32

GetThreadLocale
GetVersionExA
lstrlenW
RaiseException
GetLastError
InitializeCriticalSection
DeleteCriticalSection
LoadLibraryW
lstrcatA
lstrcpyA
FreeLibrary
GetProcAddress
CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
lstrcpynA
Sleep
lstrlenA
GetSystemDefaultLCID
GetVolumeInformationA
GetWindowsDirectoryA
WideCharToMultiByte
MultiByteToWideChar
GetTickCount
ExitProcess
FlushViewOfFile
GetModuleFileNameA
GetModuleHandleA
MapViewOfFile
CreateFileMappingA
CreateFileA
WaitForSingleObject
CreateMutexA
SetErrorMode
HeapAlloc
GetProcessHeap
HeapFree
LCMapStringA
GetSystemInfo
VirtualProtect
LoadLibraryA
GetCPInfo
GetOEMCP
GetLocaleInfoA
GetACP
InterlockedExchange
GetStringTypeW
GetStringTypeA
GetCurrentProcessId
LCMapStringW
GetCurrentThreadId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
WriteFile
HeapSize
VirtualQuery
RtlUnwind
TerminateProcess
GetCurrentProcess
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc

user32

GetForegroundWindow
wsprintfA
SetForegroundWindow
GetCursorPos

advapi32

RegCloseKey
RegQueryValueExW
RegQueryValueExA
RegOpenKeyA

shell32

SHGetSpecialFolderPathA

ole32

CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

VariantClear
VariantInit
VarBstrCat
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocString
SysAllocStringLen

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c84211ad7b003bbbed0925de661dde9e

Headers

File Characteristics

Imports

dnsapi

wininet

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 1024B - Virtual size: 2KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 1024B - Virtual size: 2KB