708d31f34afe4af949ac17f43b69ac6a01eec6481ff463c3781af50f2beab221

General

Target

708d31f34afe4af949ac17f43b69ac6a01eec6481ff463c3781af50f2beab221
Size

316KB
MD5

61995ba2ecbd9153b27491ccb9e6c380
SHA1

d5a1144adb9f0f5666b5d6b151688a8190e50729
SHA256

708d31f34afe4af949ac17f43b69ac6a01eec6481ff463c3781af50f2beab221
SHA512

79992387b64d29ae1fb2b86b4f44750bb5a58f5f9ee47b6ba5cc91ba9b76d6aafd5fa7b9cdd07a36dca3f6c14c7fd1e6e282525723a58bab1347e9815002eb45
SSDEEP

6144:3buJFLQIPNuAlw5K5Yt3rjmp9ws5zaNQ6KDwcBWsFBcReeZ9pLlUpDhMJYHJwdun:3qJtLuewY5YBmnF27KLiRVZ9pLMDhW4P

Score

N/A

Malware Config

Signatures

Files

708d31f34afe4af949ac17f43b69ac6a01eec6481ff463c3781af50f2beab221
.exe windows x86

b3b47c4e5d48c2cd77ae78b9b6fa228e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_stricmp
_strnicmp
strncmp
isprint
fflush
fopen
vprintf
rand
_fullpath
printf
_iob
toupper
wcslen
_itoa
memmove
sprintf
fclose
strncpy
_splitpath
_makepath
fprintf
_strupr

kernel32

WaitForMultipleObjects
GetLastError
SetFilePointer
SetEvent
GlobalFindAtomA
GetProcAddress
VirtualFree
OpenSemaphoreA
ResetEvent
LoadLibraryW
MapViewOfFile
GetFileAttributesA
ReleaseMutex
CreateMutexA
RemoveDirectoryA
CreateDirectoryA
FindClose
ReadFile
OpenEventA
InterlockedIncrement
GetFileSize
InterlockedDecrement
GetUserDefaultLangID
CompareStringW
lstrlenA
LocalAlloc
ReadFileEx
SetEndOfFile
GetExitCodeThread
FindFirstFileA
GetSystemInfo
GetDiskFreeSpaceA
UnmapViewOfFile
WriteFile
OpenFileMappingA
LCMapStringW
CreateEventA
SetThreadPriority
LeaveCriticalSection
GlobalAlloc
lstrcmpA
DeleteCriticalSection
GetTickCount
GetModuleHandleA
ExpandEnvironmentStringsA
CreateFileA
WaitForSingleObject
CreateThread
OpenMutexA
lstrcpyA
FreeLibrary
GetCurrentProcessId
CreateSemaphoreA
WaitForSingleObjectEx
WriteFileEx
FindNextFileA
GlobalFree
EnterCriticalSection
CloseHandle
ReleaseSemaphore
GetModuleFileNameA

advapi32

RegCloseKey
SetSecurityDescriptorDacl
GetLengthSid
RegDeleteKeyA
RegQueryValueExA
RegCreateKeyExA
DeregisterEventSource
RegOpenKeyExA
InitializeAcl
AllocateAndInitializeSid
ReportEventA
FreeSid
RegDeleteValueA
RegSetValueExA
RegisterEventSourceA

Sections

.text
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3b47c4e5d48c2cd77ae78b9b6fa228e

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

Sections

.text Size: 155KB - Virtual size: 155KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 76KB - Virtual size: 76KB

.rsrc Size: 74KB - Virtual size: 74KB

.text
Size: 155KB - Virtual size: 155KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 76KB - Virtual size: 76KB

.rsrc
Size: 74KB - Virtual size: 74KB