73c36b6fd1e6dbee26781e5f506f49e8d97b412aac5f04a84ea2b1060fedd82b

Sharing

Copy URL

Twitter E-mail

General

Target

73c36b6fd1e6dbee26781e5f506f49e8d97b412aac5f04a84ea2b1060fedd82b
Size

98KB
MD5

fffb77a7518953737194c45cdd9e1963
SHA1

62e1ffc5b79ed50d4f8649fae4712801087bad74
SHA256

73c36b6fd1e6dbee26781e5f506f49e8d97b412aac5f04a84ea2b1060fedd82b
SHA512

52425742947ce94aad24f9d6c432cef6354af4e895e8d8e39aa1ec7b3c83e4096f414a8d256b60e72643978197e4a085c4f847addd467cce58e71e138c3c1314
SSDEEP

1536:KB8PziSvy9mKtAnX2w01nzkBifwG/oov+szRTG/Y5HX/LRsLRY32/groX:KBovyCKxwUfJrmszZG/Y5z+O32Iro

Score

N/A

Malware Config

Signatures

Files

73c36b6fd1e6dbee26781e5f506f49e8d97b412aac5f04a84ea2b1060fedd82b
.exe windows x86

3197f7daf6c055554fcb60d9f62aacdb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

msvcrt

_wfopen
fgetws
feof
__CxxFrameHandler3
_wtoi
towlower
wcschr
_wcsnicmp
_vsnwprintf
_vscprintf
vsprintf_s
vswprintf_s
_vscwprintf
swscanf_s
fclose
wcstok_s
iswctype
strrchr
_vsnprintf
memcpy
_controlfp
_onexit
__dllonexit
_unlock
_lock
_except_handler4_common
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_acmdln
_initterm
__setusermatherr
_ismbblead
__p__fmode
_cexit
_exit
exit
__set_app_type
__getmainargs
_amsg_exit
__p__commode
_XcptFilter
_CxxThrowException
_callnewh
?what@exception@@UBEPBDXZ
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
_wcsicmp
wcscpy_s
_beginthreadex
wcsstr
wcsrchr
calloc
memmove_s
malloc
memcpy_s
_purecall
free
memcmp
memset

advapi32

OpenThreadToken
GetTokenInformation
OpenProcessToken
AddAccessAllowedAce
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
EqualSid
IsValidSecurityDescriptor
GetAclInformation
InitializeAcl
AddAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
MakeAbsoluteSD
GetSecurityDescriptorControl
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
GetSecurityDescriptorOwner
GetLengthSid
CopySid
IsValidSid
GetSidSubAuthority
InitializeSid
GetSidLengthRequired
SetSecurityDescriptorOwner
InitializeSecurityDescriptor

kernel32

UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
TlsSetValue
TlsAlloc
GetLocalTime
GetFileSize
TlsGetValue
TlsFree
FormatMessageA
GetVersionExW
GetLastError
CreateEventExW
CloseHandle
WaitForSingleObjectEx
SetErrorMode
GetCommandLineW
InitializeCriticalSection
SetThreadUILanguage
SetEvent
EnterCriticalSection
LeaveCriticalSection
OpenEventW
WaitForMultipleObjectsEx
ExitProcess
DeleteCriticalSection
OutputDebugStringW
GetModuleFileNameW
RaiseException
VirtualQuery
GetModuleHandleW
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
HeapDestroy
MultiByteToWideChar
WideCharToMultiByte
Sleep
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTickCount
OutputDebugStringA
FreeLibrary
GetModuleHandleExW
SetLastError
SearchPathW
GetModuleFileNameA
WaitForSingleObject
WriteFile
CreateMutexW
CreateMutexA
ReleaseMutex
GetVersion
CreateFileA
DeleteFileA
DeleteFileW
CreateFileMappingA
DebugBreak
GetFileSizeEx
GetWindowsDirectoryW
IsDebuggerPresent
FlushFileBuffers
DeviceIoControl
GetCurrentThreadId
GetSystemWindowsDirectoryW
ExpandEnvironmentStringsW
CreateFileW
FormatMessageW
FindResourceExW
LoadResource
LocalFree
LoadLibraryExW
GetProcAddress
SetFilePointer
GetTempFileNameW
GetCurrentThread

ole32

CoRegisterPSClsid
ProgIDFromCLSID
CoRevokeClassObject
CoInitializeSecurity
CoCreateInstance
CLSIDFromString
CoRegisterClassObject
CoInitializeEx
CoUninitialize
CoTaskMemFree

user32

LoadStringW

oleaut32

SysFreeString
SysAllocString
SysStringLen
LoadRegTypeLi
LoadTypeLi
SystemTimeToVariantTime
SetErrorInfo
CreateErrorInfo
VariantTimeToSystemTime
SysAllocStringLen

ntdll

RtlGetVersion
RtlFreeHeap
RtlAllocateHeap
RtlNtStatusToDosError

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3197f7daf6c055554fcb60d9f62aacdb

Headers

File Characteristics

Imports

msvcrt

advapi32

kernel32

ole32

user32

oleaut32

ntdll

Sections

.text Size: 81KB - Virtual size: 81KB

.data Size: 1KB - Virtual size: 3KB

.idata Size: 5KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 81KB - Virtual size: 81KB

.data
Size: 1KB - Virtual size: 3KB

.idata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 5KB - Virtual size: 4KB