02747b594ea2eccb88cc29eab3a4171e06f351eed7afd6e60ba912a8992be0d6

Sharing

Copy URL

Twitter E-mail

General

Target

02747b594ea2eccb88cc29eab3a4171e06f351eed7afd6e60ba912a8992be0d6
Size

631KB
MD5

835c029e8405208b57beb9badd13fd87
SHA1

967d3b6ea117f3dc9305e7378d1fbe9be94307bc
SHA256

02747b594ea2eccb88cc29eab3a4171e06f351eed7afd6e60ba912a8992be0d6
SHA512

879ccbf25b307858b46e1f09fd0b5a86e7d688687c92c060f809f4326bdbcb7ca4bf0f5bec2da861a647ba1db7f20330111d2cc0e7bbda043ae1f8d753343632
SSDEEP

12288:36DLzQmkV3BHlwMf+ni5pp72PUKMApci/oK8wm2G/Giah/MNnVCaLqzHHf1o:mXKZfVbBaMsd/XYMGCaWD/2

Score

N/A

Malware Config

Signatures

Files

02747b594ea2eccb88cc29eab3a4171e06f351eed7afd6e60ba912a8992be0d6
.exe windows x86

1b875fbd0422e125f306dde79e61f18b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
ExitProcess
HeapAlloc
GetProcessHeap
VirtualAlloc
IsBadReadPtr
Sleep
VirtualFree
HeapCreate
IsValidCodePage
CreateProcessA
GetModuleHandleW
GetACP
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
InterlockedCompareExchange
HeapSize
GetCurrentDirectoryA
GetCommandLineW
GetEnvironmentStrings
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
FindResourceW
GlobalFree
lstrlenA
LCMapStringW
LoadLibraryExW
InterlockedIncrement
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
ExpandEnvironmentStringsA
WaitForMultipleObjects
FindFirstFileW
ResetEvent
FindFirstFileA
CompareStringW
GlobalLock
DeleteFileW
DeleteFileA
GetStartupInfoA
FreeLibrary
LoadLibraryA
GetVersion
VirtualProtect
TlsAlloc
IsBadWritePtr
QueryPerformanceCounter
GetOEMCP
LoadLibraryW
EnterCriticalSection
HeapFree
WriteConsoleW
LeaveCriticalSection
SetEndOfFile
VirtualQuery
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
CreateThread
MultiByteToWideChar
UnhandledExceptionFilter
GetModuleFileNameA
GetVersionExA
GetModuleFileNameW
InterlockedDecrement
SetLastError
FormatMessageA
TlsGetValue
FindClose
InitializeCriticalSection
FormatMessageW
LocalFree
SetEvent
GetStringTypeW
GetDiskFreeSpaceA
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
GetProcAddress
WideCharToMultiByte
SetStdHandle
FreeEnvironmentStringsW
SetErrorMode
GetLocaleInfoA
GetConsoleMode
GetCurrentProcess
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
WaitForSingleObject
GetFileAttributesA
ReleaseMutex
GetStdHandle
GetCurrentThread
GetCurrentThreadId
GetLastError
GetCommandLineA
GetTickCount
FlushFileBuffers
GetCurrentProcessId

oleaut32

SysFreeString
VariantInit
SysAllocString
SysStringLen

user32

GetDesktopWindow
SendMessageA
TrackPopupMenu
LoadCursorA
ScreenToClient
GetDlgItem
SetWindowTextA
SetWindowLongA
PostMessageA
GetSystemMetrics
BeginPaint
DispatchMessageA
EndDialog
SetForegroundWindow
IsWindowEnabled
TranslateMessage
PeekMessageA
EnableWindow
DefWindowProcA
GetParent
GetDC
IsWindow
SetWindowPos
PostQuitMessage
CallWindowProcA
GetSysColor
IsWindowVisible
InvalidateRect
wsprintfA
CreateWindowExA
GetClientRect

advapi32

RegCreateKeyExA
RegQueryValueExA
GetTokenInformation
RegOpenKeyExA
RegCloseKey
OpenProcessToken

Sections

.text
Size: 590KB - Virtual size: 913KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b875fbd0422e125f306dde79e61f18b

Headers

File Characteristics

Imports

kernel32

oleaut32

user32

advapi32

Sections

.text Size: 590KB - Virtual size: 913KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 22KB - Virtual size: 21KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 590KB - Virtual size: 913KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 22KB - Virtual size: 21KB

.rsrc
Size: 11KB - Virtual size: 10KB