34aa232cdeecd38244b14bba0dd652f8ad64c2e898435bec800db3a9010e8344

Sharing

Copy URL

Twitter E-mail

General

Target

34aa232cdeecd38244b14bba0dd652f8ad64c2e898435bec800db3a9010e8344
Size

425KB
MD5

59c1283c442e45f37f51873452b6ad9d
SHA1

1b74ef8114dba9b63f9c45ee7e3af5114422f923
SHA256

34aa232cdeecd38244b14bba0dd652f8ad64c2e898435bec800db3a9010e8344
SHA512

99651f0bf54286cfcc3d388f6254ec8c78a43652f9b7632af590c4a725a0770799267e546084a0e8e86c1e32b442916c36224d7101f6009f1793bd52025ace7f
SSDEEP

6144:huPnXgub4FWXMJ0pDHSUEpK1U2u44RGc3oUBuIJKLoJS+uT0KOU+VMAdmWE:hmXgub4FZ0apK1U25Uk6ooJ8TN+VfdY

Score

N/A

Malware Config

Signatures

Files

34aa232cdeecd38244b14bba0dd652f8ad64c2e898435bec800db3a9010e8344
.exe windows x86

0d968fb420f00e44e2657781b5a03f6d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
isupper
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
__iscsymf
acos
_onexit
__dllonexit
_lrotr

mpr

WNetCancelConnection2A

user32

SendMessageA
SetUserObjectSecurity
wvsprintfA
mouse_event
DispatchMessageA
IsWindowVisible
PeekMessageW
PostQuitMessage
FindWindowA
CreateWindowExW
ClientToScreen
LoadStringW
PostMessageW
PostMessageA
GetSysColorBrush
GetClipCursor
InvalidateRect
GetScrollRange
SetWindowLongW
IsIconic
SetClassLongA
GetKeyNameTextW
GetWindowWord
TrackPopupMenu
SetCaretBlinkTime
SetCaretPos
DrawTextW
GetCaretPos
GetMenu
CheckMenuItem
TranslateAcceleratorA
GetMessageExtraInfo
BlockInput
EnumDisplaySettingsW
LoadIconA
GetWindow
GetSystemMetrics
GetClassNameA
FindWindowW
SetCapture
OemToCharBuffA
GetSysColor
DestroyCursor
AttachThreadInput
SetDlgItemInt

netapi32

NetServerEnum

kernel32

GetCommandLineA
CreateDirectoryA
GetLastError
GetModuleHandleA
GetStartupInfoA
GetStringTypeA
Thread32Next

advapi32

ImpersonateSelf
SetThreadToken
CreateServiceA
SetSecurityDescriptorOwner
NotifyBootConfigStatus
GetTokenInformation
SetSecurityDescriptorGroup
FreeSid
GetSecurityDescriptorDacl
CreateProcessAsUserA

Sections

.text
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 544KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d968fb420f00e44e2657781b5a03f6d

Headers

File Characteristics

Imports

msvcrt

mpr

user32

netapi32

kernel32

advapi32

Sections

.text Size: 100KB - Virtual size: 97KB

.rdata Size: 64KB - Virtual size: 62KB

.data Size: 16KB - Virtual size: 544KB

.rsrc Size: 76KB - Virtual size: 75KB

.text
Size: 100KB - Virtual size: 97KB

.rdata
Size: 64KB - Virtual size: 62KB

.data
Size: 16KB - Virtual size: 544KB

.rsrc
Size: 76KB - Virtual size: 75KB