a8206f3cfd9ed33c16512c03c37fc9d5c000d12b49b396afd18012e4d85a5db5

Sharing

Copy URL Twitter E-mail

General

Target

a8206f3cfd9ed33c16512c03c37fc9d5c000d12b49b396afd18012e4d85a5db5
Size

1.5MB
MD5

7055ad7fc2d346105fc5525c29cc8669
SHA1

18f3c48e5ec37241b694097e99ff1301e704ca19
SHA256

a8206f3cfd9ed33c16512c03c37fc9d5c000d12b49b396afd18012e4d85a5db5
SHA512

f0fb429b5ac9e1e9b1834fb5a4cb802ff8f1cdbf090f1c7b0b9659d6b2f9c63ab022ab7b2f325e7186ac79af8fba7f607464ba257835ca8cb9230b930e5be634
SSDEEP

12288:1is/q6DSqXs/q6DSnKa33Ecj4K/5qjDg2EB0NxDIBuOFe7/uT:1lq6Dteq6DUR4jM2DtIoOFdT

Score

N/A

Malware Config

Signatures

Files

a8206f3cfd9ed33c16512c03c37fc9d5c000d12b49b396afd18012e4d85a5db5
.exe windows x86

59d948425e0ba7c576ac39a785795bee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

ndgts

ord1
ord3

psapi

EnumProcessModules
GetModuleBaseNameA

msvcr71

_controlfp
_onexit
__dllonexit
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
memset
fseek
ftell
malloc
free
strncpy
fclose
fopen
memcpy
strcmp
strstr
strchr
sscanf
fgets
fprintf
_strdate
_strtime
strlen
sprintf
fread

kernel32

GetStartupInfoA
GetProfileIntA
GetCurrentThreadId
FindResourceA
LoadResource
LockResource
GlobalAlloc
GlobalFree
FreeResource
GlobalLock
GlobalUnlock
lstrcpyA
lstrcatA
LoadLibraryExA
FindFirstFileA
FindClose
GetPrivateProfileStringA
lstrlenA
lstrcpynA
LoadLibraryA
Sleep
FreeLibrary
GetTickCount
CloseHandle
GetLastError
CreateProcessA
SearchPathA
_lclose
_lwrite
_lcreat
GetSystemTime
UnmapViewOfFile
GlobalDeleteAtom
MapViewOfFile
CreateFileMappingA
GlobalAddAtomA
OpenFileMappingA
GlobalGetAtomNameA
OpenProcess
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
GetEnvironmentVariableA
GetExitCodeProcess
WaitForSingleObject

user32

GetWindowDC
GetDesktopWindow
PostThreadMessageA
DefWindowProcA
UpdateWindow
InvalidateRect
ShowWindow
CreateWindowExA
RegisterClassA
GetDC
SetCursorPos
GetSystemMetrics
ReleaseDC
BeginPaint
DrawTextA
EndPaint
wsprintfA
LoadCursorA
GetClassLongA
SetCursor
DestroyWindow
GetMessageA
TranslateMessage
DispatchMessageA
CharToOemA
LoadStringA
MessageBeep
MessageBoxA
GetClassNameA
SendMessageA
EnumWindows

gdi32

GetDeviceCaps
CreateFontA
GetObjectA
CreateCompatibleBitmap
CreatePalette
CreateDIBitmap
SetBkMode
GetTextMetricsA
SetTextColor
SelectPalette
RealizePalette
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetStockObject
DeleteObject

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tc
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

59d948425e0ba7c576ac39a785795bee

Headers

File Characteristics

Imports

ndgts

psapi

msvcr71

kernel32

user32

gdi32

advapi32

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.tc Size: 244KB - Virtual size: 244KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

.tc
Size: 244KB - Virtual size: 244KB