51d066648d65a5486e1718f0221ff40db1ee27bad5cbaa0123b7b20181d6be6e

Sharing

Copy URL Twitter E-mail

General

Target

51d066648d65a5486e1718f0221ff40db1ee27bad5cbaa0123b7b20181d6be6e
Size

312KB
MD5

ee8425bc8829421cc84dce76c89f4ea9
SHA1

bd6d32864566a1cb13f994cd1f43021425c6fbe3
SHA256

51d066648d65a5486e1718f0221ff40db1ee27bad5cbaa0123b7b20181d6be6e
SHA512

93a2cd8a1f3840a64ea698089ebc3a4f76411b408249de017b4cd465f7edf11696d0693a4ff520ce90d038e703a90e6bbe2e7353fc04ea39bd64f7f70ae33af4
SSDEEP

6144:Rlv055Xl2jrOQ/vLSPjYwEYL84DMhGtSdBzK7EDO7iz1DeIz+F0+7UPcssDVuu:RlvohQ3vw+4QVjzKAL1Dek+R7UP3eVuu

Score

N/A

Malware Config

Signatures

Files

51d066648d65a5486e1718f0221ff40db1ee27bad5cbaa0123b7b20181d6be6e
.exe windows x86

cbdf9544f22dca9a256d586f8b57ef69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

DeregisterEventSource
RegOpenKeyExW
RegCreateKeyA
RegDeleteValueW
DuplicateTokenEx
LookupPrivilegeValueA
SetThreadToken
DeleteService

ole32

CreateItemMoniker
OleRegGetMiscStatus
CoRevokeClassObject
CreateOleAdviseHolder
IIDFromString
CoTaskMemFree
CoCreateFreeThreadedMarshaler
OleRegEnumFormatEtc

comctl32

ImageList_Create
ImageList_GetImageCount

version

VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoW

shell32

SHGetMalloc
SHAppBarMessage

gdi32

ExtEscape
CopyMetaFileW

kernel32

LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
LoadLibraryA
VirtualAlloc
lstrlenA
FreeEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
WaitForMultipleObjects
FindCloseChangeNotification
DosDateTimeToFileTime
FindNextFileA
LocalReAlloc
OpenProcess
GetDiskFreeSpaceW
RemoveDirectoryA
Process32NextW
HeapDestroy
OutputDebugStringA
TransactNamedPipe
lstrcpynW
CreateThread
CreateFileA
TlsSetValue
SetHandleCount
GetPrivateProfileIntA
GetPrivateProfileStringA
IsBadCodePtr
GetExitCodeThread
FindNextChangeNotification
WritePrivateProfileStringW
_lopen
ReadFile
ExitThread
SetFilePointerEx
lstrcmpW
HeapCreate
SetThreadExecutionState
OpenFile
FindResourceW
lstrcmpiA
IsDBCSLeadByte
ConvertDefaultLocale
FreeEnvironmentStringsW
VirtualQuery
GlobalFindAtomA
lstrcpynA
UnhandledExceptionFilter
VirtualQueryEx
FindResourceExW
GetLongPathNameW
DeleteTimerQueueEx
GetModuleHandleA
FindClose
OpenEventA
GetSystemWindowsDirectoryW
VirtualProtect
SetCurrentDirectoryA
LockFile
GetSystemPowerStatus
VirtualFree
IsValidCodePage
GlobalHandle
GetFileAttributesA
WinExec
GetProfileStringW
EnumResourceNamesW
SetEnvironmentVariableA
SetWaitableTimer
GlobalGetAtomNameW
lstrcpyA
SetNamedPipeHandleState
GlobalReAlloc
WriteFile
AddAtomA
EnumCalendarInfoA
FlushInstructionCache
VerifyVersionInfoW
GlobalAlloc
GetSystemTimeAsFileTime
HeapReAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
RtlUnwind
HeapFree
GetVersionExA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetProcAddress
TerminateProcess
GetCurrentProcess
GetModuleFileNameA
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetStdHandle
GetFileType
GetCurrentThreadId
TlsAlloc
SetLastError
TlsGetValue
GetLastError
GetEnvironmentVariableA

user32

RegisterClassExW
GetScrollInfo
DdeUnaccessData
GetClassNameA
GetWindowPlacement
ReuseDDElParam
ActivateKeyboardLayout
GetWindowTextLengthW
DestroyAcceleratorTable
AllowSetForegroundWindow
SetMenuItemInfoA
SetClassLongA
BeginPaint

Sections

.text
Size: 252KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

iamosgk
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ggqgwo
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

umugw
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cbdf9544f22dca9a256d586f8b57ef69

Headers

File Characteristics

Imports

advapi32

ole32

comctl32

version

shell32

gdi32

kernel32

user32

Sections

.text Size: 252KB - Virtual size: 249KB

iamosgk Size: 20KB - Virtual size: 17KB

ggqgwo Size: 20KB - Virtual size: 20KB

umugw Size: 16KB - Virtual size: 12KB

.text
Size: 252KB - Virtual size: 249KB

iamosgk
Size: 20KB - Virtual size: 17KB

ggqgwo
Size: 20KB - Virtual size: 20KB

umugw
Size: 16KB - Virtual size: 12KB