5b584302405d0def49a538ff290fc8f62df6922c1da29e4a5cb9f1fca4d0b6c6

Sharing

Copy URL

Twitter E-mail

General

Target

5b584302405d0def49a538ff290fc8f62df6922c1da29e4a5cb9f1fca4d0b6c6
Size

258KB
MD5

cc958754fe8c3e34eb296337e1758037
SHA1

51923b932f9f81e4c4b07260d3fdc31d8bd00c69
SHA256

5b584302405d0def49a538ff290fc8f62df6922c1da29e4a5cb9f1fca4d0b6c6
SHA512

9181b0c623ded11993481e61fb426d0ac5b7d4b9b781c27a2179418a3d34d6227f1e7e48f5d51208e522f163fccbe2fcbf01adf945d046518367fa9692eea1e2
SSDEEP

6144:d33Jidh0GRjh9JAJK2FxLLSdw8uU8ybY+:PidhH9yDU8yU

Score

N/A

Malware Config

Signatures

Files

5b584302405d0def49a538ff290fc8f62df6922c1da29e4a5cb9f1fca4d0b6c6
.exe windows x86

7db61105f8eb869011c0b9d21d441c1b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LookupPrivilegeValueW
RegCreateKeyExA
CryptDestroyKey
RegRestoreKeyA
StartServiceW
CryptEnumProvidersW
RegConnectRegistryW
CryptSetHashParam
RegQueryInfoKeyA
CryptSetProvParam
CryptSetProviderW
RegQueryInfoKeyW
CryptSetProviderExW
RegDeleteValueA
CryptEnumProvidersA
RegLoadKeyW
RegSetKeySecurity

comdlg32

ChooseFontW

kernel32

LCMapStringA
InterlockedExchange
CompareStringA
GetFileTime
GetLocaleInfoW
ExitProcess
GetLocaleInfoA
SetEnvironmentVariableA
WriteFile
SystemTimeToFileTime
GetCommandLineW
GetACP
LockFileEx
GetOEMCP
SetFilePointer
TlsSetValue
HeapDestroy
GetCPInfo
GetUserDefaultLCID
WriteFileEx
GetSystemInfo
GetProcAddress
HeapAlloc
VirtualFree
MultiByteToWideChar
GetEnvironmentStringsW
RtlUnwind
LoadLibraryA
GetTimeFormatA
LCMapStringW
HeapFree
FreeEnvironmentStringsW
GetTickCount
VirtualQuery
GetFileType
GetPriorityClass
IsValidCodePage
CreatePipe
SetHandleCount
GetModuleHandleA
TlsGetValue
FindFirstFileW
VirtualProtect
HeapCreate
GetStringTypeA
GetStartupInfoW
GetWindowsDirectoryA
EnumSystemLocalesA
SetLastError
TlsFree
GetSystemTimeAsFileTime
GetDateFormatA
GetCurrentThreadId
LoadLibraryExW
GetAtomNameW
VirtualAlloc
GetNamedPipeHandleStateW
GetModuleFileNameA
GetStartupInfoA
HeapSize
TerminateProcess
QueryPerformanceCounter
UnhandledExceptionFilter
HeapReAlloc
SetStdHandle
GetVersion
GetTimeZoneInformation
CompareStringW
IsValidLocale
GetCurrentProcessId
OpenSemaphoreW
TlsAlloc
LeaveCriticalSection
GetLastError
FreeEnvironmentStringsA
GetModuleHandleW
EnumSystemLocalesW
GetStringTypeW
InitializeCriticalSection
GetCurrentProcess
IsBadWritePtr
GetEnvironmentStrings
DeleteFileA
GetVersionExA
CreateMutexW
GetStdHandle
EnumDateFormatsW
GetModuleFileNameW
EnterCriticalSection
GetCommandLineA
FreeLibrary
GetCurrentThread
DeleteCriticalSection
WideCharToMultiByte

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7db61105f8eb869011c0b9d21d441c1b

Headers

File Characteristics

Imports

advapi32

comdlg32

kernel32

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 7KB - Virtual size: 34KB

.data Size: 136KB - Virtual size: 136KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 7KB - Virtual size: 34KB

.data
Size: 136KB - Virtual size: 136KB

.rsrc
Size: 9KB - Virtual size: 9KB