c0895a0dfa81f6a707f44ac7731006df3557e9eb4fa6ccd7712fff2c5d706e76

Sharing

Copy URL

Twitter E-mail

General

Target

c0895a0dfa81f6a707f44ac7731006df3557e9eb4fa6ccd7712fff2c5d706e76
Size

412KB
MD5

65546f26f2ca3e38060584b575655ed2
SHA1

ebd6a23a4708dd29ac2d11ab737cd1588049731b
SHA256

c0895a0dfa81f6a707f44ac7731006df3557e9eb4fa6ccd7712fff2c5d706e76
SHA512

43892fbcc89fa2b6e8a3602ac0934ae35fdfed25e7ea324cf32c6b1f737e60d209112c1eb8e4528ff477bedcae513e269ae81403d3113964d4fd627a039cf21d
SSDEEP

6144:KHrsPKMuGqYGBXhhdjFus5obuuCquJhpp19uDEFESM5l64oLL7W1yw2BzuKF:04KMqxhbutp3+dNESIQL7HjBuK

Score

N/A

Malware Config

Signatures

Files

c0895a0dfa81f6a707f44ac7731006df3557e9eb4fa6ccd7712fff2c5d706e76
.exe windows x86

c810ef55fb07961ab25d54d8813fa78d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtMapViewOfSection
NtCreateSection
ZwReadFile

kernel32

TlsSetValue
VirtualAlloc
GetCommandLineW
GetCurrentThreadId
GetProcAddress
CloseHandle
TlsGetValue
ResumeThread
lstrcpyA
CreateThread
VirtualFree
SetThreadPriority
GetModuleHandleA
ExitThread
HeapDestroy
GetVersion
GetThreadPriority
LoadLibraryA
OpenThread
HeapCreate
CompareFileTime
HeapSize

gdi32

StartPage
GetCharABCWidthsFloatW
GetDeviceCaps
GetTextExtentPoint32A
CreateFontA
SetBkColor
GetStockObject
SetTextColor
GetTextMetricsA

preson27

CyInt
TextCmpEq
Neg
ChangeDir
Error
CreateIExprSrvObj
Idiv
FileLen
Environ
StrToAnsi
FileCloseAll
ForEachCollAd
rtBoolFromErr
LowerCaseBstr
CopyRecord
BoolStr
GetYear
GetMinuteOfHour
LateMemCall
I2ForNextCheck
LateMemCallLdRf
I2
CyI4
LateIdCallSt
ErrObj
FreeStr
R8Sgn
RecDestructAnsi
LibraryUnload
CreateInstanceEx
DateStr
IsEmpty
Trim
FV
Aryg
Ptr
TextTstGe
CommandBstr
HresultCheckObj
MonthName
PowerR8
GetTimeBstr
StrI2
TextCmpGt
StrUI1
ForEachColl
Put4
AryConstruct2
CreateContext
Redim2
ord2
Str2Vec
CallByName
IndexStore
Len
NameFile
UI1I2
SetFileAttr
SetTimeBstr
LateMemStAd
HexBstrFrom
Randomize
GetMonthOfYear
AppActivate
SpaceBstr
GetTimer
DoEvents
ImmediateIf
DerefAry
IRR
gNofree
CmpLe
LateIdCallLd
LeftTrimBstr
GetFileAttr
VerifyObj
PutMem2
StrVal
Fix

user32

GetSubMenu
SendMessageW
GetSysColor
InvalidateRect
GetCursorPos
DialogBoxParamW
GetWindowTextW
DestroyIcon
GetDlgItemTextW
DefWindowProcW
GetDlgItemTextA
LoadStringA
GetWindowDC
InsertMenuA
ReleaseCapture
FillRect
FindWindowA
SetDlgItemTextA
CreatePopupMenu
IntersectRect
DestroyMenu
SetCursorPos
GetActiveWindow
CharNextW
SetWindowPos
DrawIcon
UpdateWindow

Sections

.text
Size: 374KB - Virtual size: 374KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c810ef55fb07961ab25d54d8813fa78d

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

kernel32

gdi32

preson27

user32

Sections

.text Size: 374KB - Virtual size: 374KB

.data Size: 35KB - Virtual size: 34KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 374KB - Virtual size: 374KB

.data
Size: 35KB - Virtual size: 34KB

.rsrc
Size: 2KB - Virtual size: 4KB