1a61bb6f63f0f949ac00191f6c0e55305b4b8c46ad625bb7af83773d83cf0670

Sharing

Copy URL Twitter E-mail

General

Target

1a61bb6f63f0f949ac00191f6c0e55305b4b8c46ad625bb7af83773d83cf0670
Size

584KB
MD5

07718743a0f20fbde04c54c0722684a0
SHA1

25a9fb3527ae1f475ba8c37ee9e7c5d596988768
SHA256

1a61bb6f63f0f949ac00191f6c0e55305b4b8c46ad625bb7af83773d83cf0670
SHA512

56c55bbfb4bb4d33e4ca08b73b6214b1408bad5f78c3400cc970e8c5b50d972b2d26bfc227a59e291b9d9be3076a8a636a7cc67cf9bcd1701a38516089ec362a
SSDEEP

12288:rWL4Z/RDvg5fNUnmFNZTWplHSvUxV5bYkU6bVkoZ:tg51UnmjZNq66xB

Score

N/A

Malware Config

Signatures

Files

1a61bb6f63f0f949ac00191f6c0e55305b4b8c46ad625bb7af83773d83cf0670
.exe windows x86

1047607239e2e9f9425b489306af8e6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
GetThreadPriority
GetModuleHandleW
GetProcAddress
LoadLibraryA
VirtualAlloc
GetTickCount
VirtualFree
VirtualQuery
GetSystemInfo
VirtualProtect
SetStdHandle
GetLastError
DeleteFileW
Sleep
GetLocaleInfoA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsFree
SetLastError
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
HeapDestroy
HeapCreate
HeapFree
HeapReAlloc
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
FlushFileBuffers
SetFilePointer
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
HeapSize
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

SetFocus
ReleaseDC
GetDC
EnableWindow
SendMessageA
DestroyWindow
GetDesktopWindow

gdi32

SelectObject
CreatePen

ole32

CoInitialize

ws2_32

send

Exports

Exports

?XM2LPARSE@@YAKK@Z

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.EPV
Size: 4KB - Virtual size: 436B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xcode
Size: 500KB - Virtual size: 497KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 490KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1047607239e2e9f9425b489306af8e6e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

ws2_32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.EPV Size: 4KB - Virtual size: 436B

.xcode Size: 500KB - Virtual size: 497KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 490KB

.rsrc Size: 36KB - Virtual size: 35KB

.text
Size: 24KB - Virtual size: 23KB

.EPV
Size: 4KB - Virtual size: 436B

.xcode
Size: 500KB - Virtual size: 497KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 490KB

.rsrc
Size: 36KB - Virtual size: 35KB