7af6325c1cf32821d69f415b0c53376052d5802d3f2cded50a79f129aece16e5

Sharing

Copy URL Twitter E-mail

General

Target

7af6325c1cf32821d69f415b0c53376052d5802d3f2cded50a79f129aece16e5
Size

1.7MB
MD5

3f988f168173537cb8c0449e1e1c5c2d
SHA1

3a2f6f8a6444567d306fe1742c46dd80c18b510e
SHA256

7af6325c1cf32821d69f415b0c53376052d5802d3f2cded50a79f129aece16e5
SHA512

12c45955fc63516762bf7f17eb2735893dc1a9145bc435112533ddae8e5b0b5b0982ce93e3cd7a414a3a1b7c02ce65036fb2f05c2e26650a0bd446e039e60a19
SSDEEP

24576:GYAuogjK3I30pO2vB0gsSpSXxXFf0XE38EUqHngK0AMLnRRle8+2hJhL8kUw/n+e:Gw30pO2vB0gCXX3m6x+rbH+2hJhrdf+

Score

1^/10

Malware Config

Signatures

Files

7af6325c1cf32821d69f415b0c53376052d5802d3f2cded50a79f129aece16e5
.exe windows x86

415c0f4c8f732a6b6e34385c51a95d9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlMoveMemory
GetCurrentThreadId
LoadLibraryA
CreateFileW
WriteFile
CloseHandle
CreatePipe
CreateProcessA
PeekNamedPipe
ReadFile
GetExitCodeProcess
GetEnvironmentVariableA
CreateWaitableTimerA
SetWaitableTimer
Sleep
CreateIoCompletionPort
GetQueuedCompletionStatus
QueryPerformanceCounter
QueryPerformanceFrequency
VirtualAlloc
SetHandleCount
VirtualFree
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
GetLocalTime
GetModuleFileNameA
FreeLibrary
GetProcAddress
LCMapStringA
LocalSize
FlushFileBuffers
SetStdHandle
LCMapStringW
IsBadCodePtr
SetUnhandledExceptionFilter
InterlockedIncrement
InterlockedDecrement
SetFilePointer
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
IsBadWritePtr
RaiseException
HeapCreate
HeapDestroy
GetVersionExA
GetLastError
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetModuleHandleW
MultiByteToWideChar
DeleteCriticalSection
GetStartupInfoA
GetCommandLineA
GetVersion
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetStdHandle
GetFileType

user32

GetMessageW
BeginPaint
PeekMessageA
GetMessageA
DispatchMessageA
wsprintfA
KillTimer
SetTimer
MsgWaitForMultipleObjects
WaitForInputIdle
GetInputState
GetClassNameA
GetAncestor
GetParent
DefWindowProcW
EndPaint
FillRect
MessageBoxA
GetWindowThreadProcessId
SetFocus
SetForegroundWindow
BringWindowToTop
AttachThreadInput
IsZoomed
IsIconic
ShowWindow
SetWindowLongW
GetWindowLongW
DestroyIcon
CreateIconFromResource
RegisterClassExW
LoadCursorW
CreateWindowExW
GetSysColor
DispatchMessageW
TranslateMessage

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation

gdi32

DeleteObject
CreateSolidBrush

imagehlp

MakeSureDirectoryPathExists

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

415c0f4c8f732a6b6e34385c51a95d9b

Headers

File Characteristics

Imports

kernel32

user32

shell32

gdi32

imagehlp

Sections

.text Size: 96KB - Virtual size: 93KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 1.5MB - Virtual size: 1.5MB

.rsrc Size: 68KB - Virtual size: 66KB

.text
Size: 96KB - Virtual size: 93KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 1.5MB - Virtual size: 1.5MB

.rsrc
Size: 68KB - Virtual size: 66KB