28a40339804c1484c2ff42d7b55f7cdc6a32ec42614238e86bbccabf764d9400

General

Target

28a40339804c1484c2ff42d7b55f7cdc6a32ec42614238e86bbccabf764d9400
Size

106KB
MD5

3181c6f3a5c6d8b3a6c433d3aa0a4d36
SHA1

2c859bb2836e69a2e75fa52e8673a8248212760e
SHA256

28a40339804c1484c2ff42d7b55f7cdc6a32ec42614238e86bbccabf764d9400
SHA512

ddf3c3eefabf4f6d8c2005e560d4dd253181546fcfe6c8b3ca0e2b5baeb18fa4057915f70332305b9a1dddbe6fd5aca1f979f40db3d4b6c70c464233b31f133a
SSDEEP

1536:aYo3auR1rajr5YepSntMmhMA1ypGUFK0/8MOhmX4aDaCbZHKIXAmh:joLR1r0d9KvhJyFFK0hSmX4a2Cbthph

Score

N/A

Malware Config

Signatures

Files

28a40339804c1484c2ff42d7b55f7cdc6a32ec42614238e86bbccabf764d9400
.exe windows x86

1126d4c13670a56bca2c4e0a1a8f5f32

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_unlink
_pipe
__p__fmode
_getch
_unlock
_acmdln
exit
__set_app_type
__setusermatherr
sqrt
_exit
wcslen
_except_handler3
__p__commode
_XcptFilter
_lseeki64
_ftol
_initterm
_adjust_fdiv
gmtime
__getmainargs
ceil
_CIpow

kernel32

FileTimeToDosDateTime
lstrcmpiW
QueryPerformanceCounter
GetFileAttributesA
CompareStringW
RemoveDirectoryA
GetEnvironmentStrings
GetCurrentProcess
GetModuleHandleA
FlushFileBuffers
VirtualProtect
GetTempPathA
GetFullPathNameA
GetPrivateProfileStringA
GetSystemDefaultLCID
GetStringTypeExA
GetEnvironmentStringsW
GetStartupInfoA
ExpandEnvironmentStringsA
SetLastError
GetDateFormatA
GetModuleHandleW
LocalAlloc
GetStringTypeA

user32

MessageBoxA
GetClassInfoA
InsertMenuA
BeginPaint
EnumWindows
EndDialog
EndPaint
SetActiveWindow
GetCursorPos
GetSysColorBrush
AdjustWindowRectEx
SendDlgItemMessageA
SetClipboardData

advapi32

AddAccessAllowedAce
CryptHashData
InitializeAcl
GetTokenInformation
RegOpenKeyExA
AdjustTokenPrivileges
DeleteService
RegOpenKeyA
GetSecurityDescriptorDacl
SetSecurityDescriptorGroup
RegEnumKeyExW
CryptReleaseContext
EqualSid
InitializeSecurityDescriptor
RegCreateKeyExA

oleaut32

SysStringLen
GetErrorInfo
LoadTypeLib
SafeArrayRedim
SysFreeString
GetActiveObject
VariantCopy
SysAllocStringByteLen
SafeArrayGetElement
SafeArrayPutElement
SetErrorInfo
VariantClear
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayCreate

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1126d4c13670a56bca2c4e0a1a8f5f32

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

oleaut32

Sections

.text Size: 57KB - Virtual size: 57KB

.data Size: 17KB - Virtual size: 16KB

.rsrc Size: 31KB - Virtual size: 30KB

.text
Size: 57KB - Virtual size: 57KB

.data
Size: 17KB - Virtual size: 16KB

.rsrc
Size: 31KB - Virtual size: 30KB