19195b1671f4a2c31d2de01df1fdd536ea4c3129b8840a77c9e9d54ffc079399

Sharing

Copy URL Twitter E-mail

General

Target

19195b1671f4a2c31d2de01df1fdd536ea4c3129b8840a77c9e9d54ffc079399
Size

298KB
MD5

8bf7e0109c9d70705b4a1969f4fe7127
SHA1

45159f7bcfc137d920172f83421b3c1350913510
SHA256

19195b1671f4a2c31d2de01df1fdd536ea4c3129b8840a77c9e9d54ffc079399
SHA512

538eeb4037b01b70ec7eaa5b17a04e1817c5f5f9f8079102e6b772f563acb61d038403e40495b08a21c9665d0d053083db864480b39ba929a7517b4c386f3c5d
SSDEEP

6144:QZLL8kowN9CsNTBfE1Mx3L0ZbIXNdbGBz:Q98koaCsNT5EWxIaGBz

Score

N/A

Malware Config

Signatures

Files

19195b1671f4a2c31d2de01df1fdd536ea4c3129b8840a77c9e9d54ffc079399
.exe windows x86

17de35bd7cf43148433d7f0082ed6b61

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
GetCurrentThreadId
OutputDebugStringA
CloseHandle
WaitForSingleObject
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcess
CreateDirectoryW
GetVersionExW
GetModuleFileNameW
GetTimeZoneInformation
GetSystemInfo
GetShortPathNameW
GetWindowsDirectoryW
DeleteFileW
FindNextFileW
CreateMutexW
CreateProcessW
OpenMutexW
GetProcessId
ReleaseMutex
InitializeCriticalSectionAndSpinCount
SetEnvironmentVariableA
WriteConsoleW
GetLocalTime
FindClose
EnterCriticalSection
GetLastError
FlushFileBuffers
CreateFileW
LeaveCriticalSection
InitializeCriticalSection
WriteFile
SetFilePointer
FindFirstFileW
SetStdHandle
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
GetCurrentProcessId
QueryPerformanceCounter
SetFilePointerEx
GetFileType
GetConsoleMode
GetConsoleCP
GetProcessHeap
GetStdHandle
GetOEMCP
GetACP
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
Sleep
GetStringTypeW
GetSystemTimeAsFileTime
HeapFree
IsDebuggerPresent
IsProcessorFeaturePresent
HeapReAlloc
HeapAlloc
GetCommandLineW
RaiseException
RtlUnwind
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
ExitProcess
GetModuleHandleExW
HeapSize
IsValidCodePage

user32

GetSystemMetrics

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation

shlwapi

PathFileExistsW

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17de35bd7cf43148433d7f0082ed6b61

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

Sections

.text Size: 94KB - Virtual size: 94KB

.rdata Size: 51KB - Virtual size: 51KB

.data Size: 6KB - Virtual size: 15KB

.rsrc Size: 65KB - Virtual size: 65KB

.reloc Size: 35KB - Virtual size: 35KB

.text
Size: 94KB - Virtual size: 94KB

.rdata
Size: 51KB - Virtual size: 51KB

.data
Size: 6KB - Virtual size: 15KB

.rsrc
Size: 65KB - Virtual size: 65KB

.reloc
Size: 35KB - Virtual size: 35KB