44d21ea143ece509c6bb52d87090c7e4353c931b2be94021b0cee8a5d5854a50

Sharing

Copy URL Twitter E-mail

General

Target

44d21ea143ece509c6bb52d87090c7e4353c931b2be94021b0cee8a5d5854a50
Size

7.0MB
MD5

867aeddf1e39f9d7a7a46332c4b5d201
SHA1

8c0da74db407be99dc3963a2256e4d29886e4c62
SHA256

44d21ea143ece509c6bb52d87090c7e4353c931b2be94021b0cee8a5d5854a50
SHA512

257ae1811316caa2485353b55983dcb6596d3ad29815b876556e3a9624a99bab9b1ae691e3f2fe2a92be769853ea47a48d004f3601ab55df98cbc077e0811825
SSDEEP

3072:HFwQeyUS7mBiVI9erx7qgBU6HwgknMRi1+0WwX:HyQ/q9uugm6mnMc12w

Score

1^/10

Malware Config

Signatures

Files

44d21ea143ece509c6bb52d87090c7e4353c931b2be94021b0cee8a5d5854a50
.exe windows x86

8b4a74bcae9e952bf1c60c48e1e70879

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
lstrlenA
OutputDebugStringW
CloseHandle
RaiseException
FreeConsole
HeapAlloc
GetProcAddress
ExitProcess
GetModuleHandleW
GetProcessHeap
GetLastError
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryExW
VirtualQuery
GetModuleHandleExW
FreeLibrary
Sleep
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameW

user32

BlockInput

msvcrt

?_set_new_mode@@YAHH@Z
_msize
?terminate@@YAXXZ
__set_app_type
realloc
_XcptFilter
_unlock
_lock
_errno
free
strlen
strcpy_s
_controlfp_s
__p__commode
__p___argv
__p___argc
_set_fmode
_initterm_e
malloc
_callnewh
memmove
_amsg_exit
_except_handler4_common
memset
_CxxThrowException
strcat_s
_wmakepath_s
_wsplitpath_s
wcscpy_s
__CxxFrameHandler3
_environ
_initterm
__getmainargs

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Qazxsdf
Size: 80KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b4a74bcae9e952bf1c60c48e1e70879

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

Qazxsdf Size: 80KB - Virtual size: 84KB

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

Qazxsdf
Size: 80KB - Virtual size: 84KB