55d7cba708c880c0d5ca6f71c94a16f1ed5c824e9e4e4103c5ba038c42b4980c

Sharing

Copy URL Twitter E-mail

General

Target

55d7cba708c880c0d5ca6f71c94a16f1ed5c824e9e4e4103c5ba038c42b4980c
Size

94KB
MD5

a87dbee5c791655f5bc8b53860a98d87
SHA1

720c343a4e3e4af7bc16bcf9256e9c99e44072d8
SHA256

55d7cba708c880c0d5ca6f71c94a16f1ed5c824e9e4e4103c5ba038c42b4980c
SHA512

6370945b8a3b473fe18c87b30458f445f9ce0dc1d7846e44687ac4c2b1a1f9ff2e99cc5708c3747935f1c53c88e29fe38337a9f380f9f5a6998d64d7009ad5d4
SSDEEP

1536:MvZpymLUhxAuWg5C/lqQikM2itFQBmQv1ene+ldobOjE3sIDO70y0nTZ7GQPJ7Z:MRkmLUFWyC9gf2GVQ9eneOqHDS0TZnPP

Score

N/A

Malware Config

Signatures

Files

55d7cba708c880c0d5ca6f71c94a16f1ed5c824e9e4e4103c5ba038c42b4980c
.exe windows x86

12023a3ba28e5791c4e330044711d043

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_amsg_exit
_initterm
_wcmdln
_controlfp
_XcptFilter
_exit
_cexit
__wgetmainargs
_purecall
memcpy
exit
memset
malloc
free
realloc
??2@YAPAXI@Z
??3@YAXPAX@Z

advapi32

RegCloseKey
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW

kernel32

InterlockedCompareExchange
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
InterlockedExchange
GetModuleHandleW
GetStartupInfoW
GetCommandLineW
GetCurrentThreadId
Sleep
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
lstrlenA
lstrcatW
CreateEventW
RtlUnwind
lstrcmpiW
WaitForSingleObject
lstrcpynW
GetModuleFileNameW
FreeLibrary
GetProcAddress
LoadLibraryW
GetLastError
SetPriorityClass
GetCurrentProcess
GetVersionExW
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
MultiByteToWideChar
lstrlenW
lstrcpyW
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
CloseHandle
HeapDestroy
SetEvent
CreateThread

user32

DispatchMessageW
CharPrevW
PostThreadMessageW
CharNextW
GetMessageW

ole32

CoInitialize
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoRegisterClassObject
CoRevokeClassObject
CoCreateInstance
CoUninitialize

oleaut32

SysAllocString
LoadTypeLi
RegisterTypeLi
SysStringLen
VarUI4FromStr
SysFreeString

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

12023a3ba28e5791c4e330044711d043

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

user32

ole32

oleaut32

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.cdata Size: 72KB - Virtual size: 72KB

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.cdata
Size: 72KB - Virtual size: 72KB