a6398acaae2b976b52553a39458e7ab109068f17c0004dda60b2c2e787e9d4c6

Sharing

Copy URL Twitter E-mail

General

Target

a6398acaae2b976b52553a39458e7ab109068f17c0004dda60b2c2e787e9d4c6
Size

340KB
MD5

fd783b111f32211267feb9bf1113031c
SHA1

c79fc52361a038e45209de8d385ac59b5a4e6443
SHA256

a6398acaae2b976b52553a39458e7ab109068f17c0004dda60b2c2e787e9d4c6
SHA512

1438a0aa95515be1450f8d9b3c90683610fc2c303717c53493419dae78e9ef9d1206f36a724f3c1a7da0a9982eb1d242a422005d9006f9c689a2e0461edea9d5
SSDEEP

6144:VrFfkjxvX6R8nxPvHEQvwUlbpTOpcXO8eU2rVRBLrUzLiL8:ZFAm8xHoUlbMcee2RRBcvq8

Score

N/A

Malware Config

Signatures

Files

a6398acaae2b976b52553a39458e7ab109068f17c0004dda60b2c2e787e9d4c6
.exe windows x86

009e1a0d0bbf6d9462d0ec27dd4f4303

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
GetLastError
GlobalFree
VirtualFree
ReadFile
CreateFileA
FlushViewOfFile
SetLastError
GetModuleHandleA
Sleep
WriteFile
GlobalAlloc
CopyFileA
SuspendThread
FreeResource
SizeofResource
LockResource
LoadResource
VirtualProtect
VirtualAlloc
ExitProcess
ResumeThread
LoadLibraryA
GetSystemTime
FreeLibrary
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
HeapReAlloc
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
GetStringTypeW
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
CreateThread
CloseHandle
HeapFree
GetProcAddress
WaitForMultipleObjects
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA

user32

ReleaseDC
DefWindowProcA
GetClientRect
CreateWindowExA
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassExA
IsWindow
GetIconInfo
GetWindowLongA
ShowWindow
GetDesktopWindow
LoadStringA
GetDC

gdi32

CreatePenIndirect
DeleteObject
CreateCompatibleBitmap
GetDIBits

pdh

PdhAddCounterA
PdhOpenQueryA
PdhCollectQueryData

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sdata
Size: 234KB - Virtual size: 549KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

009e1a0d0bbf6d9462d0ec27dd4f4303

Headers

File Characteristics

Imports

kernel32

user32

gdi32

pdh

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 24KB - Virtual size: 23KB

.tls Size: 4KB - Virtual size: 384B

.rsrc Size: 6KB - Virtual size: 5KB

.sdata Size: 234KB - Virtual size: 549KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 24KB - Virtual size: 23KB

.tls
Size: 4KB - Virtual size: 384B

.rsrc
Size: 6KB - Virtual size: 5KB

.sdata
Size: 234KB - Virtual size: 549KB