a5ac38a9bf6dd33bb82a48af7ec25c1b1b079e7ea41fa1880f8ca7ce9421ee22

Sharing

Copy URL

Twitter E-mail

General

Target

a5ac38a9bf6dd33bb82a48af7ec25c1b1b079e7ea41fa1880f8ca7ce9421ee22
Size

3.8MB
MD5

7f13c1c543daf3af0bbe2a66da43f10c
SHA1

5fff6909e16d79fb9a1845c3f1526768fd0f89d3
SHA256

a5ac38a9bf6dd33bb82a48af7ec25c1b1b079e7ea41fa1880f8ca7ce9421ee22
SHA512

43a24f73aa2ac35c0c89c4f22d090ff30d870ae9d4fbbf412ddbc5b8894e559cdf5cf95c985e2f4c113bad82606cb5e3795aa457c0aaedd1c43e92b0d7032f63
SSDEEP

98304:VFfwSfmCGtNAZz/PMjz2/VZPf9OBxu7KR9cJmnE/:nfwYG3AZDMPuvVOB07LJmnE/

Score

N/A

Malware Config

Signatures

Files

a5ac38a9bf6dd33bb82a48af7ec25c1b1b079e7ea41fa1880f8ca7ce9421ee22
.exe windows x86

3990409e3d0bb2a2bbfbfadbedb645a3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEndOfFile
BuildCommDCBAndTimeoutsA
InterlockedDecrement
SetEnvironmentVariableW
GetProfileSectionA
OpenSemaphoreA
CallNamedPipeW
FreeEnvironmentStringsA
_lclose
SetTapeParameters
ReadConsoleW
SetCommState
SetProcessPriorityBoost
GetPriorityClass
GetConsoleMode
CopyFileW
GetBinaryTypeA
TerminateProcess
ReadFile
lstrcatA
GetACP
_llseek
FindNextVolumeMountPointW
DisconnectNamedPipe
RaiseException
SetCurrentDirectoryA
GetStdHandle
FreeLibraryAndExitThread
GetCurrentDirectoryW
SetLastError
GetProcAddress
MoveFileW
EnterCriticalSection
LoadLibraryA
LocalAlloc
AddAtomA
GetPrivateProfileStructA
GetTapeParameters
EnumResourceNamesA
RequestWakeupLatency
EnumDateFormatsW
LocalFree
lstrcpyW
CopyFileExW
lstrlenW
CreateMutexW
GetLastError
MoveFileA
HeapAlloc
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
RtlUnwind
LeaveCriticalSection
SetHandleCount
GetFileType
DeleteCriticalSection
HeapFree
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
HeapSize
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetOEMCP
IsValidCodePage
MultiByteToWideChar
SetFilePointer
GetConsoleCP
FlushFileBuffers
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CloseHandle
CreateFileA
GetModuleHandleA

advapi32

AccessCheck
RevertToSelf

Exports

Exports

_asdga@4
_letter@12
_wedding@4
_weewgg@8
_welcome@4
_yongfeng@4

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 387KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3990409e3d0bb2a2bbfbfadbedb645a3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 3.7MB - Virtual size: 3.7MB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 17KB - Virtual size: 4.0MB

.rsrc Size: 19KB - Virtual size: 387KB

.text
Size: 3.7MB - Virtual size: 3.7MB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 17KB - Virtual size: 4.0MB

.rsrc
Size: 19KB - Virtual size: 387KB