621a3272c3aa5bafce9b7a7341928ec49d7e04554b444ada2fbffe3f220eedc5

Sharing

Copy URL

Twitter E-mail

General

Target

621a3272c3aa5bafce9b7a7341928ec49d7e04554b444ada2fbffe3f220eedc5
Size

351KB
MD5

34519db4db82daece95ff30eebed6485
SHA1

5568bef18cf8dda8bac65687808e979bb66ea8f5
SHA256

621a3272c3aa5bafce9b7a7341928ec49d7e04554b444ada2fbffe3f220eedc5
SHA512

ebfa0bf8948e71a3bee45233cb4700bf4d49be4546b1cfd5247c442903b187f6e3d44a902233c9c39fc42a5d012abf4334e081c1950c4d7354f3fdfa0eac1927

Score

N/A

Malware Config

Signatures

Files

621a3272c3aa5bafce9b7a7341928ec49d7e04554b444ada2fbffe3f220eedc5
.exe windows x86

9e7e6a58d12d17a624b7df5a8eb6ec6c

Code Sign

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WaitForSingleObject
CreateEventA
GetCurrentProcessId
OpenProcess
GetLocalTime
GetTickCount
VirtualAlloc
WaitForMultipleObjects
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
GetDateFormatA
GetSystemDefaultLangID
K32EnumProcesses
K32EnumProcessModules
K32GetModuleFileNameExA
GetVolumeNameForVolumeMountPointW
ReadFile
SetEndOfFile
HeapReAlloc
HeapSize
WriteConsoleW
SetFilePointerEx
FlushFileBuffers
CreateFileW
GetProcessHeap
GetStringTypeW
GetFileType
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetTempPathW
GetTempFileNameW
GetLogicalDrives
GetFileSizeEx
GetDriveTypeW
FindVolumeClose
FindNextVolumeW
FindNextFileW
FindFirstVolumeW
FindFirstFileW
ReadConsoleW
FindClose
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RaiseException
RtlUnwind
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetStdHandle
WriteFile
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
GetACP
HeapFree
HeapAlloc
LCMapStringW
GetConsoleCP
GetConsoleMode
FindFirstFileExA
FindNextFileA
DecodePointer

user32

UpdateWindow
GetWindowThreadProcessId
SetParent
SetClassWord
GetWindowLongA
SetWindowContextHelpId
GetWindowTextA
GetWindowDC
EnumWindowStationsA
GetForegroundWindow
GetSystemMetrics
IsWindowUnicode
KillTimer
GetClipboardFormatNameA
IsZoomed
IsWindowVisible
IsChild
SendMessageA

advapi32

GetNamedSecurityInfoA
ImpersonateLoggedOnUser
ImpersonateAnonymousToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidLengthRequired
GetSidIdentifierAuthority
GetLengthSid
GetAclInformation
DuplicateToken
ConvertStringSidToSidA

ole32

CoInitialize

oleaut32

VariantInit

Sections

.text
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e7e6a58d12d17a624b7df5a8eb6ec6c

Code Sign

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 150KB - Virtual size: 149KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 3KB - Virtual size: 7KB

.gfids Size: 512B - Virtual size: 268B

.rsrc Size: 170KB - Virtual size: 170KB

.text
Size: 150KB - Virtual size: 149KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 3KB - Virtual size: 7KB

.gfids
Size: 512B - Virtual size: 268B

.rsrc
Size: 170KB - Virtual size: 170KB