1249af46ff1b3cf87527405cbb1420fe6234963d9db8b1e7b8f9f0a9a74cfcec

Sharing

Copy URL Twitter E-mail

General

Target

1249af46ff1b3cf87527405cbb1420fe6234963d9db8b1e7b8f9f0a9a74cfcec
Size

508KB
MD5

b510d6619f04a751305a8121c967cfa8
SHA1

827580fd25ca3fe01f5bdb1a68e02b753ae95ef9
SHA256

1249af46ff1b3cf87527405cbb1420fe6234963d9db8b1e7b8f9f0a9a74cfcec
SHA512

e60d6e53f00119273cf38d4fa4540c84e3c094c2f8ca3989a27a1ea7f470baed2877943e7bda2f8e63de6343e5afd754880ae30c7fcdfa4b44ac6ad79eedcf57
SSDEEP

6144:XTJfsseS4OQUoOUM/9LPWiJ8PzfOtm8FgGX4iL7dWFnKt:X1lqOQUvpgzfOcI3Ii3duu

Score

N/A

Malware Config

Signatures

Files

1249af46ff1b3cf87527405cbb1420fe6234963d9db8b1e7b8f9f0a9a74cfcec
.exe windows x86

d00bd3bc99e8e769b37a0da819ae04a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
FindResourceExA
CompareStringA
lstrlenW
CompareStringW
lstrlenA
LoadResource
GetLocaleInfoA
GetUserDefaultUILanguage
SetEnvironmentVariableA
CreateFileA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
LockResource
SizeofResource
GetLastError
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
GetLocaleInfoW
GetTimeZoneInformation
LoadLibraryA
CloseHandle
SetFilePointer
InterlockedIncrement
InterlockedDecrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetACP
GetThreadLocale
GetVersionExA
RaiseException
VirtualAlloc
GetProcAddress
GetModuleHandleA
RtlUnwind
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
GetCPInfo
LCMapStringA
LCMapStringW
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapCreate
VirtualFree
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetFullPathNameA
GetCurrentDirectoryA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile

user32

MessageBoxExA
UnregisterClassA

advapi32

ReportEventA
DeregisterEventSource
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegisterEventSourceA

shell32

SHGetFolderPathW
ShellExecuteA

oleaut32

SysAllocStringLen
SysFreeString
SysStringLen

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 352KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d00bd3bc99e8e769b37a0da819ae04a3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

oleaut32

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 352KB - Virtual size: 352KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 352KB - Virtual size: 352KB