05e4325168d26f6946bed56a04c348fee53ef4645f52b312af09c7ff9de9c23e

Sharing

Copy URL Twitter E-mail

General

Target

05e4325168d26f6946bed56a04c348fee53ef4645f52b312af09c7ff9de9c23e
Size

427KB
MD5

de06fdaa8d86d8a9d35eacdda869a19b
SHA1

ba152f52dd74c64f89f2b57f6d9b87bfc835f72c
SHA256

05e4325168d26f6946bed56a04c348fee53ef4645f52b312af09c7ff9de9c23e
SHA512

2494b2f19ba8776792b940ccad7a87672081302983c2db5fb1722d72858131721650d850c68484d2e5d7ea6b2d574032cc93d6a411835de15ce38ff1d64c9417
SSDEEP

12288:Y2uTLYHrLo90n8F7KEmgB5ukT8SwlhYnndP:NeY38F7kA8ThWnV

Score

N/A

Malware Config

Signatures

Files

05e4325168d26f6946bed56a04c348fee53ef4645f52b312af09c7ff9de9c23e
.exe windows x86

6877cb1c112b358867a91d3e090378bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetCurrentThread
TlsFree
GetCPInfo
RtlUnwind
InitializeCriticalSection
GetACP
GetCurrentProcess
GetUserDefaultLCID
VirtualAlloc
UnhandledExceptionFilter
SetLastError
HeapReAlloc
GetStringTypeW
CreateWaitableTimerW
GetStringTypeA
GetLastError
TlsSetValue
GetModuleFileNameA
GetLocaleInfoW
HeapSize
ExitProcess
GetStartupInfoA
HeapDestroy
IsValidLocale
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetVersionExA
GetFileType
LeaveCriticalSection
QueryPerformanceCounter
WaitForSingleObjectEx
WriteFile
EnumSystemLocalesA
WideCharToMultiByte
GetCurrentThreadId
GetEnvironmentStringsW
HeapAlloc
GetTimeFormatA
HeapFree
EnumTimeFormatsA
VirtualFree
GetCurrentProcessId
FreeEnvironmentStringsW
IsBadWritePtr
HeapCreate
MoveFileW
LCMapStringW
GetEnvironmentStrings
GetStartupInfoW
IsValidCodePage
GetLocaleInfoA
SetHandleCount
TlsGetValue
CompareStringW
GetCommandLineA
GetModuleHandleA
CompareStringA
GetOEMCP
FreeEnvironmentStringsA
DeleteFileA
VirtualProtect
EnterCriticalSection
DeleteCriticalSection
GetDateFormatA
LCMapStringA
GetProcAddress
GetStdHandle
GetSystemInfo
GetCommandLineW
TlsAlloc
InterlockedExchange
MultiByteToWideChar
TerminateProcess
GetTimeZoneInformation
VirtualQuery
SetEnvironmentVariableA

advapi32

RegCreateKeyW
GetUserNameA
LookupPrivilegeValueW
InitiateSystemShutdownW
RegQueryInfoKeyA
RegLoadKeyA
InitializeSecurityDescriptor
CryptHashSessionKey
RegReplaceKeyA
InitiateSystemShutdownA
CryptSetProviderW
RegEnumValueA
StartServiceA
CryptAcquireContextW
RegDeleteValueW
CryptSignHashA
CryptDestroyKey
AbortSystemShutdownA
CryptGetKeyParam
CryptEnumProvidersW
RegOpenKeyA
CryptContextAddRef
CryptDuplicateHash

user32

DrawFocusRect
SetClassLongA
WINNLSGetEnableStatus
GetMenuState
IsCharUpperW
SetWindowRgn
WINNLSEnableIME
WaitForInputIdle
GetLastActivePopup
CharLowerW
PeekMessageA

Sections

.text
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6877cb1c112b358867a91d3e090378bd

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 142KB - Virtual size: 142KB

.data Size: 277KB - Virtual size: 276KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 142KB - Virtual size: 142KB

.data
Size: 277KB - Virtual size: 276KB

.rsrc
Size: 7KB - Virtual size: 7KB