cf29adfac1a85aeed17f39fdaf644a6e62a746546ed798c27d30784debe08ff8

Sharing

Copy URL Twitter E-mail

General

Target

cf29adfac1a85aeed17f39fdaf644a6e62a746546ed798c27d30784debe08ff8
Size

131KB
MD5

a8edc4e35dbb906a0bee653fa5517977
SHA1

dd3e42cc71c9021ae43686cf80ed77b88601fb2e
SHA256

cf29adfac1a85aeed17f39fdaf644a6e62a746546ed798c27d30784debe08ff8
SHA512

dd94c80ae2839ff6f16b02ac3a478eaafe5a56dbb7f9aa8ee45820b4b693c0957cadda903bac0e9495da75cd318202d71fc3219c372186a4bb8423c78fd2c588
SSDEEP

3072:fGvms0A5EbMgcUaK30H859AnAezIw9s0eEt:PA5tgcUaKxAJg0zt

Score

N/A

Malware Config

Signatures

Files

cf29adfac1a85aeed17f39fdaf644a6e62a746546ed798c27d30784debe08ff8
.exe windows x86

e69eac7971480c7dca1d640a74483f11

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueW
RegOpenKeyW
RegFlushKey
RegQueryValueExA
RegDeleteKeyW
RegReplaceKeyA
RegLoadKeyW
RegQueryInfoKeyA
RegCreateKeyExW
RegEnumKeyExA
RegEnumKeyA
RegOpenKeyA
RegDeleteValueW
RegReplaceKeyW
RegQueryValueA
RegCreateKeyW
RegEnumKeyW
RegGetKeySecurity
RegEnumValueA
RegQueryValueExW
RegLoadKeyA
RegDeleteKeyA
RegOpenKeyExW
RegEnumValueW
RegEnumKeyExW
RegDeleteValueA
RegOpenKeyExA
RegQueryInfoKeyW
RegCreateKeyExA
RegFlushKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyW
RegEnumKeyW
RegLoadKeyW
RegQueryValueA
RegOpenKeyA
RegEnumValueA
RegQueryValueExA
RegEnumKeyExW
RegCreateKeyExW
RegEnumKeyExA
RegQueryValueExW
RegReplaceKeyW
RegEnumKeyA
RegDeleteValueA
RegOpenKeyW
RegQueryInfoKeyA
RegEnumValueW
RegOpenKeyExA
RegDeleteKeyA
RegGetKeySecurity
RegLoadKeyA
RegQueryValueW
RegCreateKeyExA
RegOpenKeyExW
RegReplaceKeyA
RegQueryInfoKeyW

kernel32

CloseHandle
GetDateFormatA
CloseHandle
DeleteFileA
CloseHandle
GetFileAttributesA
CloseHandle
GetStringTypeA
CloseHandle
GetLocalTime
CloseHandle
FreeLibrary
CloseHandle
HeapFree
CloseHandle
GlobalAlloc
CloseHandle
GetCommandLineA
CloseHandle
lstrcmpiA

user32

EndDialog
AppendMenuA
GetWindowTextA
IsWindow
GetDC
GetFocus
GetWindowTextLengthA
CopyRect
AppendMenuW
DrawTextA
CreateIcon
GetMenu
InsertMenuA
DialogBoxParamW
DrawIcon
IsMenu
GetCursor
DialogBoxParamA
CopyIcon
LoadCursorA
DrawTextW
CopyImage
LoadMenuA
CloseWindow
DrawIconEx
BlockInput
CalcMenuBar
AlignRects
GetDlgItem
CopyIcon
GetDlgItem
GetDC
LoadCursorA
AppendMenuA
DrawTextA
CalcMenuBar
InsertMenuA
IsMenu
CopyImage
DrawIcon
AppendMenuW
GetCursor
AlignRects
LoadMenuA
EndDialog
GetFocus
DialogBoxParamW
IsWindow
GetMenu
CloseWindow
BlockInput
CopyRect
CreateIcon
DialogBoxParamA
GetWindowTextA
DrawIconEx
DrawTextW
GetWindowTextLengthA

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.raata
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edaaa
Size: 9KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e69eac7971480c7dca1d640a74483f11

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.text Size: 15KB - Virtual size: 14KB

.raata Size: 103KB - Virtual size: 102KB

.edaaa Size: 9KB - Virtual size: 136KB

.text
Size: 15KB - Virtual size: 14KB

.raata
Size: 103KB - Virtual size: 102KB

.edaaa
Size: 9KB - Virtual size: 136KB