512262bb685058fab71499918f716f019b66df563faa75c57762d13b82cd83c2

Sharing

Copy URL Twitter E-mail

General

Target

512262bb685058fab71499918f716f019b66df563faa75c57762d13b82cd83c2
Size

115KB
MD5

831cccd5c391cf33640f2e44c756d325
SHA1

8c187f1230cfea036228c911e1b56d877a50e810
SHA256

512262bb685058fab71499918f716f019b66df563faa75c57762d13b82cd83c2
SHA512

0fdbcd354d9c0b0da1f66bb43490c978d678faa99bcf03d7ff0caccbe2bc354652dad1296ff004be49e7937f38bc8948673e41390b16e5b47368542034756afb
SSDEEP

3072:IUlgUxAkr+vVsZma6XGUno4Ow9mFdG3W34:plHJr+vVsZjSGxwUnmW3

Score

N/A

Malware Config

Signatures

Files

512262bb685058fab71499918f716f019b66df563faa75c57762d13b82cd83c2
.exe windows x86

0be2e275864833c59142c53588aecbdc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCanonicalizeA
ord29
ChrCmpIA

kernel32

GetConsoleScreenBufferInfo
GetPrivateProfileSectionA
WritePrivateProfileStringW
GetCurrentThreadId
GetFullPathNameW
SetConsoleTitleA
ReleaseSemaphore
ReadProcessMemory
CopyFileW
WritePrivateProfileSectionA
GetCurrentProcess
SetErrorMode
GetProfileIntW
MoveFileExA
lstrcmpA
GetUserDefaultUILanguage

user32

IsHungAppWindow
GetGuiResources
DdeConnect
VkKeyScanA

gdi32

SetRectRgn
RectInRegion
CreateMetaFileW
OffsetRgn
SetPaletteEntries
CreateRectRgn
RectVisible
GetPixel
ExtTextOutA
CreateEnhMetaFileW
TextOutA
GetEnhMetaFileBits
SetDIBitsToDevice
SetLayout
EnumFontsW

Exports

Exports

?VirtualMemory@@YGKPAK@Z
WhopTestrangrapsdebsTzarNipaYins

Sections

code
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

regsvr
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 158B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 990B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0be2e275864833c59142c53588aecbdc

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

Exports

Exports

Sections

code Size: 31KB - Virtual size: 30KB

.data Size: 56KB - Virtual size: 251KB

regsvr Size: 17KB - Virtual size: 17KB

.edata Size: 512B - Virtual size: 158B

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 3KB

.itext Size: 512B - Virtual size: 168B

.idata Size: 1024B - Virtual size: 990B

code
Size: 31KB - Virtual size: 30KB

.data
Size: 56KB - Virtual size: 251KB

regsvr
Size: 17KB - Virtual size: 17KB

.edata
Size: 512B - Virtual size: 158B

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 3KB

.itext
Size: 512B - Virtual size: 168B

.idata
Size: 1024B - Virtual size: 990B