77e350e7ccb193bf829e673276a51e0589ee74149f991556b9b2f72e4403e09b

Sharing

Copy URL Twitter E-mail

General

Target

77e350e7ccb193bf829e673276a51e0589ee74149f991556b9b2f72e4403e09b
Size

490KB
MD5

78e1fe4afa8023a333ee9fb91fe75ec8
SHA1

38bd0849e992e95a348955e8d01665aac230942e
SHA256

77e350e7ccb193bf829e673276a51e0589ee74149f991556b9b2f72e4403e09b
SHA512

f9ef3ed19959e401a5e5c47d3debe1f74f91e5782f35a681b3513619eace180e6a58cebe0a6a9a6a23b2b1490b73c20ce017b44ca4922aea24669bea23f1b10d
SSDEEP

12288:FZN/wViFL03lBmFAIJKnlTKwIqqmzeQmUrOkrmsJHCAnRkN1iHyS5:x/GiFI3lBKTWeIRu16yk

Score

N/A

Malware Config

Signatures

Files

77e350e7ccb193bf829e673276a51e0589ee74149f991556b9b2f72e4403e09b
.exe windows x86

e1d63a5bef0ad1ea0de4eb5559ec5e15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
CompareStringA
IsValidCodePage
WaitForDebugEvent
RtlUnwind
GetStringTypeW
GetWindowsDirectoryW
GetCurrentProcess
GetOEMCP
VirtualAlloc
LCMapStringW
InterlockedIncrement
HeapReAlloc
GetEnvironmentStringsW
EnumResourceTypesW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringA
GetModuleFileNameA
FreeLibrary
GetStringTypeA
ExitProcess
GetCommandLineA
GetStdHandle
GetUserDefaultLCID
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetProcessHeap
EnumSystemLocalesA
HeapDestroy
QueryPerformanceCounter
TlsFree
SetEnvironmentVariableA
GetVolumeInformationA
SetConsoleCtrlHandler
Sleep
EnterCriticalSection
HeapAlloc
GetLocaleInfoA
HeapFree
GetFileType
WriteFile
GetCurrentProcessId
FoldStringA
GetTimeFormatA
GetStartupInfoA
SetLastError
HeapCreate
DeleteCriticalSection
GetCurrentThread
GetTimeZoneInformation
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetHandleCount
WritePrivateProfileStructW
GlobalGetAtomNameA
WideCharToMultiByte
VirtualFree
TlsSetValue
SetThreadAffinityMask
lstrcpynW
MultiByteToWideChar
WritePrivateProfileSectionW
FindResourceW
CompareStringW
GetVersionExA
GetProcAddress
GetDateFormatA
GetLastError
EnumResourceNamesA
IsDebuggerPresent
InterlockedExchange
HeapSize
TlsGetValue
GetLocaleInfoW
VirtualQuery
TlsAlloc
SetUnhandledExceptionFilter
GetTempFileNameA
IsValidLocale
GetCurrentThreadId
InitializeCriticalSection
WriteConsoleW
TerminateProcess
GetCPInfo
InterlockedDecrement
DebugActiveProcess
GetModuleHandleA
LeaveCriticalSection

shell32

FindExecutableW
DragQueryFileW
SHGetPathFromIDList
DragQueryFileAorW
SHBrowseForFolderW

advapi32

CreateServiceW
CryptEnumProvidersA
CryptSetKeyParam
RegCreateKeyExW
CryptSetProviderA
AbortSystemShutdownW
RegSetValueExW

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1d63a5bef0ad1ea0de4eb5559ec5e15

Headers

File Characteristics

Imports

kernel32

shell32

advapi32

Sections

.text Size: 168KB - Virtual size: 168KB

.data Size: 312KB - Virtual size: 312KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 168KB - Virtual size: 168KB

.data
Size: 312KB - Virtual size: 312KB

.rsrc
Size: 8KB - Virtual size: 8KB