58f83687030bd6f59cdbc70fd9096368eb0ae4ed6e17cfafd56277b5c09aa021

Sharing

Copy URL Twitter E-mail

General

Target

58f83687030bd6f59cdbc70fd9096368eb0ae4ed6e17cfafd56277b5c09aa021
Size

200KB
MD5

28b2def009c07e29de19c62f656be78b
SHA1

1cfe147eeac147a910611612743b1b903f66960d
SHA256

58f83687030bd6f59cdbc70fd9096368eb0ae4ed6e17cfafd56277b5c09aa021
SHA512

024a85c75bdd7997532c3748dd9258f42011a55e74d0e8cd294b54e972c9607a0019bc1bb2cc5421888565053fa056a28aadb39b937a434d3d7cc79e85dbc86b
SSDEEP

3072:U7y0FtcEC8DaYS7fW5hZlIRh2PWZzizbJUhMahfNQDbNtylU3HN2VW3:U2wcGaYS7fWzo2msJc+3HNmA

Score

N/A

Malware Config

Signatures

Files

58f83687030bd6f59cdbc70fd9096368eb0ae4ed6e17cfafd56277b5c09aa021
.exe windows x86

9d33aafc8b9c0f8bedaaa2548f27ed3b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetPropA
SetMenu
GetWindowTextA
SetScrollRange
LoadImageA
DefMDIChildProcW
SetProcessWindowStation
AnyPopup
DispatchMessageA
SetDebugErrorLevel
GetNextDlgTabItem

dbghelp

SymGetModuleInfo64
StackWalk
SymEnumSymbols
MapDebugInformation
SymGetSymFromAddr
SymEnumerateSymbols64

kernel32

SetConsoleMode
ReadConsoleInputA
CreateFileW
CloseHandle
WriteConsoleW
SetStdHandle
SetEnvironmentVariableA
CompareStringW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetFilePointer
HeapSize
LoadLibraryW
HeapQueryInformation
GetLastError
GetProcessHeap
GlobalMemoryStatusEx
GetShortPathNameA
FreeEnvironmentStringsW
lstrcmpiW
GlobalUnfix
CreateJobObjectA
EnumCalendarInfoExA
InterlockedDecrement
InterlockedIncrement
GetTimeFormatA
GetDateFormatA
HeapReAlloc
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId
GetProcAddress
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetACP
GetOEMCP
IsValidCodePage
Sleep
GetUserDefaultLCID
GetLocaleInfoW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
GetTimeZoneInformation
HeapCreate
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LCMapStringW
RtlUnwind
IsProcessorFeaturePresent

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9d33aafc8b9c0f8bedaaa2548f27ed3b

Headers

DLL Characteristics

File Characteristics

Imports

user32

dbghelp

kernel32

Sections

.text Size: 57KB - Virtual size: 56KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 18KB

.rsrc Size: 121KB - Virtual size: 121KB

.text
Size: 57KB - Virtual size: 56KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 18KB

.rsrc
Size: 121KB - Virtual size: 121KB