5210640d4b9079f1c3c3c6b7af825c6e12d96f00ae2ff56e1f7570d7d0e5a63a

Sharing

Copy URL Twitter E-mail

General

Target

5210640d4b9079f1c3c3c6b7af825c6e12d96f00ae2ff56e1f7570d7d0e5a63a
Size

680KB
MD5

04a4a9554571198bc3cf5f79a2ec85d7
SHA1

c9ee881e30610f2c9fbdd337a7900a02806af76a
SHA256

5210640d4b9079f1c3c3c6b7af825c6e12d96f00ae2ff56e1f7570d7d0e5a63a
SHA512

59bab38726e0ba41c247a35afc670ca46dd291e86fa80d6da35ea38f092939b366350ef692eedebbf6b2b7eaae560df85b798223ed94bc249d11ae0141d3e36d
SSDEEP

12288:iktfpMTWIxURMWF2r/MBsUlJAdKxz+lxYa9m5ECxD0mDJy:iktfpMT5JWF2w60P7GDm

Score

1^/10

Malware Config

Signatures

Files

5210640d4b9079f1c3c3c6b7af825c6e12d96f00ae2ff56e1f7570d7d0e5a63a
.exe windows x86

309952cf4f2fcc8ed9ed7d7974e39001

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlMoveMemory
GetCurrentThreadId
LoadLibraryA
CreateFileW
WriteFile
CloseHandle
CreatePipe
CreateProcessA
PeekNamedPipe
ReadFile
GetExitCodeProcess
GetEnvironmentVariableA
CreateWaitableTimerA
SetWaitableTimer
Sleep
CreateIoCompletionPort
GetQueuedCompletionStatus
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
GetLocalTime
GetModuleFileNameA
FreeLibrary
GetProcAddress
LCMapStringA
LocalSize
FlushFileBuffers
SetStdHandle
LCMapStringW
IsBadCodePtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
InterlockedIncrement
InterlockedDecrement
SetFilePointer
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
IsBadWritePtr
VirtualAlloc
RaiseException
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetModuleHandleW
MultiByteToWideChar
GetLastError
TlsGetValue
GetStartupInfoA
GetCommandLineA
GetVersion
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
TlsSetValue
TlsAlloc
SetLastError

user32

GetSysColor
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
MessageBoxA
MsgWaitForMultipleObjects
WaitForInputIdle
GetInputState
GetClassNameA
GetAncestor
GetParent
DefWindowProcW
EndPaint
FillRect
BeginPaint
GetWindowThreadProcessId
SetFocus
SetForegroundWindow
BringWindowToTop
AttachThreadInput
IsZoomed
IsIconic
ShowWindow
SetWindowLongW
GetWindowLongW
DestroyIcon
CreateIconFromResource
RegisterClassExW
LoadCursorW
CreateWindowExW

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation

gdi32

DeleteObject
CreateSolidBrush

imagehlp

MakeSureDirectoryPathExists

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512KB - Virtual size: 566KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

309952cf4f2fcc8ed9ed7d7974e39001

Headers

File Characteristics

Imports

kernel32

user32

shell32

gdi32

imagehlp

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 512KB - Virtual size: 566KB

.rsrc Size: 68KB - Virtual size: 66KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 512KB - Virtual size: 566KB

.rsrc
Size: 68KB - Virtual size: 66KB