ac2977c79a69d1f7ba0a0a2b6dbd6a22b034d549f84e1acb75d3c08e3608b63e

Sharing

Copy URL Twitter E-mail

General

Target

ac2977c79a69d1f7ba0a0a2b6dbd6a22b034d549f84e1acb75d3c08e3608b63e
Size

604KB
MD5

0071312ebe2c9fdd10e034bd6c7f1060
SHA1

febbbc2d56ed739843138b0a66ffafcd001c6e5b
SHA256

ac2977c79a69d1f7ba0a0a2b6dbd6a22b034d549f84e1acb75d3c08e3608b63e
SHA512

f03cd32d79127d7add6a913d3651f71862829444fff5fdea48ed34ad4f7184b34dd2754bfb2bcb4c8ed263294c753aafbb3803ad05c93d75d2c5d2533daa100d
SSDEEP

12288:3XGDQBsG8NWfpmZnRAD88FMN6FDZuDoOhc2Lj:3CQiv/nkoCuDoOi2Lj

Score

N/A

Malware Config

Signatures

Files

ac2977c79a69d1f7ba0a0a2b6dbd6a22b034d549f84e1acb75d3c08e3608b63e
.exe windows x86

c491acc529f838d3b1922c6ac254a7ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

memcpy
sin
RtlUnwind

kernel32

InterlockedCompareExchange
AddVectoredExceptionHandler
FreeConsole
GetExitCodeProcess
CreateWaitableTimerW
GetCurrentThread
RemoveVectoredExceptionHandler
FindFirstFileA
FindClose
GetModuleHandleA
GetTempPathA
CreateFileMappingA
FlushFileBuffers
LoadLibraryA
CreateFileA
LoadResource
lstrlenA
GetFileType
GetStringTypeA
GetStdHandle
lstrcmpiA
GetEnvironmentStrings
GetACP
ExitProcess
SetUnhandledExceptionFilter
SetStdHandle
LCMapStringW
WideCharToMultiByte
lstrcpyA
WritePrivateProfileStringA
CloseHandle
IsBadReadPtr
GetCurrentProcess
GlobalAlloc
GlobalUnlock
HeapFree
CompareStringA
GetDiskFreeSpaceA
HeapAlloc
MultiByteToWideChar
GetWindowsDirectoryA
UnhandledExceptionFilter
GetProcessHeap
TerminateProcess
GetProcAddress
LocalAlloc
LocalFree
MoveFileExA
SetHandleCount
GlobalFree
CreateDirectoryA
GetPrivateProfileStringA
LockResource
GetSystemDirectoryA
MapViewOfFile
lstrcpynA
GetOEMCP
SizeofResource
UnmapViewOfFile
SetFilePointer
GetShortPathNameA
GetFileSize
LCMapStringA
GetStringTypeW
GetEnvironmentStringsW
SetEnvironmentVariableA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetLastError
GetTimeZoneInformation
GetLocaleInfoW
VirtualQuery
GetSystemInfo
CompareStringW
GetPrivateProfileSectionA
FindResourceA
VirtualProtect
GetCommandLineA
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
WriteFile
GetModuleFileNameA
GetStartupInfoA
DeleteCriticalSection
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThreadId
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FatalAppExitA
GetCPInfo
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryExA
InitializeCriticalSection
Sleep
VirtualAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW

shell32

ShellExecuteA
SHGetPathFromIDListA
SHBrowseForFolderA

advapi32

RegOpenKeyExA
RegQueryValueExA

Sections

.text
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 424KB - Virtual size: 422KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text0
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text2
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c491acc529f838d3b1922c6ac254a7ee

Headers

File Characteristics

Imports

ntdll

kernel32

shell32

advapi32

Sections

.text Size: 128KB - Virtual size: 124KB

.rdata Size: 424KB - Virtual size: 422KB

.data Size: 12KB - Virtual size: 227KB

.text0 Size: 16KB - Virtual size: 16KB

.text1 Size: 4KB - Virtual size: 4KB

.text2 Size: 16KB - Virtual size: 16KB

.text
Size: 128KB - Virtual size: 124KB

.rdata
Size: 424KB - Virtual size: 422KB

.data
Size: 12KB - Virtual size: 227KB

.text0
Size: 16KB - Virtual size: 16KB

.text1
Size: 4KB - Virtual size: 4KB

.text2
Size: 16KB - Virtual size: 16KB