ar812lite_ES[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

ar812lite_ES.exe
Size

13.4MB
MD5

a28b72b6b5677cece81295f4deac302f
SHA1

031f2feb485876480324ec11b74c69a247d1d6cc
SHA256

54b7be348596b49198c86b4ad5cd8a3d1d86abe28470ba6f28a500ee3bb36b06
SHA512

b3d226afb5fd03d8362e6f604559f2a4f110d20daf54c95df981aacade6e6b369269bab82438ea9bae7f72ca61948dc642d1258ee476c5ef7c4ad88d3d8e7755
SSDEEP

196608:cYz2NIggx4fexjjoqR5FmNOievc/VzUxv0eW2+0Sf7LlOdifuZwxJsIh6D+lFDk:cYqG46oc8b/g0z2+0qLYdipdFQ

Score

N/A

Malware Config

Signatures

Files

ar812lite_ES.exe
.exe windows x86

e727e65b6d63ed258b668901ca4ab056

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

DeleteCriticalSection
InitializeCriticalSection
CloseHandle
WaitForMultipleObjects
SetEvent
CreateThread
WaitForSingleObject
ResetEvent
VirtualAlloc
VirtualFree
MultiByteToWideChar
WideCharToMultiByte
GetLastError
CompareStringW
CompareStringA
LoadLibraryA
AreFileApisANSI
GetModuleFileNameA
GetModuleFileNameW
LocalFree
FormatMessageA
FormatMessageW
GetWindowsDirectoryA
SetFileAttributesA
SetFileAttributesW
RemoveDirectoryA
RemoveDirectoryW
CreateDirectoryA
CreateDirectoryW
DeleteFileA
DeleteFileW
lstrlenA
GetFullPathNameA
GetFullPathNameW
GetCurrentDirectoryA
SetCurrentDirectoryA
GetTempPathA
GetTempFileNameA
ExpandEnvironmentStringsA
FindClose
FindFirstFileA
FindFirstFileW
SetLastError
FindNextFileA
CreateFileA
CreateFileW
GetFileSize
SetFilePointer
ReadFile
SetFileTime
WriteFile
SetEndOfFile
CreateEventA
GetStdHandle
LeaveCriticalSection
EnterCriticalSection
Sleep
CreateProcessA
GetCommandLineW
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
InterlockedIncrement
InterlockedDecrement
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
GetCurrentProcess
TerminateProcess
IsBadWritePtr
HeapReAlloc
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
SetUnhandledExceptionFilter
RtlUnwind
RaiseException
HeapAlloc
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsGetValue

user32

GetKeyState
DestroyWindow
PostMessageA
MessageBoxA
KillTimer
EndDialog
SendMessageA
GetDlgItem
SetTimer
ShowWindow
GetWindowRect
GetClientRect
SetWindowPos
MessageBoxW
SetWindowTextW
SetWindowTextA
LoadStringW
LoadStringA
DialogBoxParamA
SetWindowLongA
GetWindowLongA

oleaut32

VariantClear
SysAllocString

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e727e65b6d63ed258b668901ca4ab056

Headers

File Characteristics

Imports

comctl32

kernel32

user32

oleaut32

Sections

.text Size: 97KB - Virtual size: 96KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 291KB - Virtual size: 290KB

.text
Size: 97KB - Virtual size: 96KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 291KB - Virtual size: 290KB