47388732346c76e0010315e684539a78ec0175456ffbfec8d6f6b1dd1cc68bcf

Sharing

Copy URL Twitter E-mail

General

Target

47388732346c76e0010315e684539a78ec0175456ffbfec8d6f6b1dd1cc68bcf
Size

194KB
MD5

caeb0a8a4d3a87a9990483f3a0f6f152
SHA1

1b7e64d2233271282c190318dd68a13c62c02841
SHA256

47388732346c76e0010315e684539a78ec0175456ffbfec8d6f6b1dd1cc68bcf
SHA512

66853da4d6256f5545272ba5e9db77c631832e7738cc6891246b6547d0d26cee07b85c342aa60faaabdb2428c71989031ed6491b008e642faf835cb99a4e240f
SSDEEP

3072:bfOjNY7bwlDy0epW7uL0Lfwlh0y18UMmz2CurhUyDk/hqHcuLK77ncoRi:LQNY7u2tpWu4LYv/CzUygwp2c

Score

N/A

Malware Config

Signatures

Files

47388732346c76e0010315e684539a78ec0175456ffbfec8d6f6b1dd1cc68bcf
.exe windows x86

89e0a631e9c236b4f99b38a9bd9d32ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetModuleHandleA
lstrlenW
GetModuleFileNameA
lstrcpynW
GetPrivateProfileIntW
GetProcAddress
LoadLibraryA
LocalAlloc
GetProfileIntA
GetProfileStringA
SetThreadUILanguage
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GetCPInfo
ExpandEnvironmentStringsW
GetLastError
LoadLibraryW
GetCommandLineW
ReadConsoleW
MultiByteToWideChar
GetThreadLocale
GetTimeFormatW
GetConsoleOutputCP
LocalFree
WriteConsoleW
LoadLibraryExW
FreeLibrary
GetTickCount
GetSystemTime
WideCharToMultiByte
FormatMessageW
GetConsoleMode
GetFileType
GetStdHandle
WriteFile
lstrcmpiW
GetFullPathNameW
FindFirstFileW
FindNextFileW
FindClose
GetVolumeInformationW
GetVolumePathNameW
FormatMessageA
SetErrorMode
OpenProcess
DuplicateHandle
OpenEventW
GetSystemDirectoryW
GetModuleFileNameW
CreateProcessW
UnmapViewOfFile
MapViewOfFile
HeapFree
HeapAlloc
GetProcessHeap
DeleteFileW
SetLastError
ReleaseMutex
CloseHandle
CreateFileW
WaitForSingleObject
OpenMutexW
ReadFile
GetStartupInfoW

user32

GetSysColor
LoadCursorA

gdi32

GetStockObject

msvcrt

__setusermatherr
_initterm
__getmainargs
__initenv
_cexit
_XcptFilter
_adjust_fdiv
_c_exit
_iob
fgets
strchr
wcsncpy
wcsrchr
wcstok
__p__commode
__p__fmode
__set_app_type
_vsnwprintf
_except_handler3
_controlfp
_exit
wcschr
_wcsupr
wcslen
exit
_wcsicmp
malloc
free
sscanf
strspn
strpbrk
_stricmp
wcscpy
_itoa
wcscmp
__wgetmainargs
__winitenv
_wtol
wcscat

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegQueryInfoKeyW
RegDeleteValueW
RegEnumValueW

Sections

.text2
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata14
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89e0a631e9c236b4f99b38a9bd9d32ab

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

advapi32

Sections

.text2 Size: 512B - Virtual size: 112B

.text Size: 124KB - Virtual size: 124KB

.data Size: 3KB - Virtual size: 3KB

.rdata14 Size: 1024B - Virtual size: 784B

.rsrc Size: 62KB - Virtual size: 62KB

.reloc Size: 1024B - Virtual size: 904B

.text2
Size: 512B - Virtual size: 112B

.text
Size: 124KB - Virtual size: 124KB

.data
Size: 3KB - Virtual size: 3KB

.rdata14
Size: 1024B - Virtual size: 784B

.rsrc
Size: 62KB - Virtual size: 62KB

.reloc
Size: 1024B - Virtual size: 904B