52d5102c1520b2fa540549399660d7badcea6b45e484bf04406efe246399a4ac

General

Target

52d5102c1520b2fa540549399660d7badcea6b45e484bf04406efe246399a4ac
Size

200KB
MD5

496e37f676fedf4a5eb3003ecfa5f10b
SHA1

a8b68e851d629fbdd9bbb1c1cd94b03b990a6b54
SHA256

52d5102c1520b2fa540549399660d7badcea6b45e484bf04406efe246399a4ac
SHA512

fc5102fa4c135e4ba6f487550b55424fc554a9046897bb296b522381f2a9a9307e3f056256dcf0892601b4dcf1fac2228ad28c870e8ea1d673fc59d6c72a58da
SSDEEP

3072:HejnU2fxV+sdL09uudKsSqJnU7CSljap0bC3OfSm42HeOShq1V9fYIj3+k:HejBV+sdQY6AYUjlj9rbl8YT9pZ

Score

N/A

Malware Config

Signatures

Files

52d5102c1520b2fa540549399660d7badcea6b45e484bf04406efe246399a4ac
.exe windows x86

7236736efd9340a5a3bf78ba851b8a4d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

ZwOpenFile
NtQuerySystemInformation
NtSuspendThread
NtTerminateThread
NtQueryValueKey
RtlAddAce
RtlCompareString

kernel32

QueryPerformanceFrequency
CopyFileExA
DebugBreak
CreateThread
CreateDirectoryExA
SetEnvironmentVariableA
SetEndOfFile
LocalAlloc
GetCommandLineA
SetHandleCount
GetDateFormatA
SearchPathA
CreateToolhelp32Snapshot
TlsGetValue
MultiByteToWideChar
TlsAlloc
lstrcpynW
WritePrivateProfileSectionA
VirtualQuery
CreateProcessW
GetExitCodeProcess
LocalFree
WriteFile
VirtualProtect
SetProcessAffinityMask
CreateEventA
FindCloseChangeNotification
FreeLibrary
GetFileType
CreateDirectoryW
SetFilePointer
ExitProcess
GetCurrentProcess
GetProfileStringA
GetComputerNameA
GetSystemInfo
TerminateThread
CloseHandle
UnlockFileEx
GetDriveTypeA
GetLastError
CreateMutexA
IsValidCodePage
GetSystemTime
SleepEx
UnmapViewOfFile
WriteProcessMemory
GetCurrentDirectoryA
GetFileAttributesA
SetUnhandledExceptionFilter
FlushInstructionCache
CopyFileExW
GetConsoleMode
QueryPerformanceCounter
IsDebuggerPresent
LockResource
GetEnvironmentStrings
GetThreadPriority
MapViewOfFile
GetLocaleInfoA
EnterCriticalSection
GetSystemTimeAsFileTime
lstrlenA
GetPrivateProfileIntA
MoveFileExA
GetPrivateProfileSectionNamesA
GetOverlappedResult
GetPrivateProfileSectionA

Sections

.text
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7236736efd9340a5a3bf78ba851b8a4d

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

kernel32

Sections

.text Size: 177KB - Virtual size: 177KB

.data Size: 41KB - Virtual size: 40KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 177KB - Virtual size: 177KB

.data
Size: 41KB - Virtual size: 40KB

.rsrc
Size: 2KB - Virtual size: 4KB