61e31264e2ff0a30dfa4fc9e6dd0f9117d99b7559aee02e2b974a4cfb7cd118a

Sharing

Copy URL Twitter E-mail

General

Target

61e31264e2ff0a30dfa4fc9e6dd0f9117d99b7559aee02e2b974a4cfb7cd118a
Size

168KB
MD5

560ef72c50e7c867a1fac879aafa5000
SHA1

aa33b0bf33994beef263c6ec34a51d18a34b2b13
SHA256

61e31264e2ff0a30dfa4fc9e6dd0f9117d99b7559aee02e2b974a4cfb7cd118a
SHA512

fad76b054214e77ca416d8d6a8c9f9085efcc077bb855a3b8e72fa706ca817e31535a69000e2a1a6ef2dcf98e7c00f70d04c21a3f7018490286d1cae0e2035ef
SSDEEP

3072:b6c/xdD7Dhu1cCjMe/64RaXhyNS2dBWml/mRKxi8iPrK:fdD7DhgJ4EW+mRKo8Sr

Score

N/A

Malware Config

Signatures

Files

61e31264e2ff0a30dfa4fc9e6dd0f9117d99b7559aee02e2b974a4cfb7cd118a
.exe windows x86

4f7e4b2a39dde2dd4300e3511b66cca5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegGetKeySecurity
RegSetValueExA
RegSetKeySecurity
RegOpenKeyExA
RegEnumValueA
RegCloseKey
OpenSCManagerA
RegDeleteKeyA
GetUserNameW
RegEnumKeyExA
RegRestoreKeyA
RegDeleteKeyW
CloseServiceHandle
RegEnumKeyExW

user32

GetUserObjectSecurity

kernel32

EnumSystemLocalesA
GetLocaleInfoA
GetTickCount
GetCommandLineA
GetLastError
GetCurrentProcessId
GetModuleHandleA
lstrcmpA
VirtualAlloc
CreateEventW
WriteFile
lstrlenW
ExitProcess
GetOEMCP
GetEnvironmentStringsW
GetCommandLineW
FreeLibrary
EnterCriticalSection
ReadFile
LocalFree
LoadLibraryW
GetModuleHandleW
LeaveCriticalSection
GetFileAttributesW
LoadResource
WaitForSingleObject
InitializeCriticalSection
GetStdHandle
CreateEventA
CreateMutexA
GetProcessVersion
CreateSemaphoreA
GetVersionExA
GetEnvironmentStrings
GetCurrentThread
GetUserDefaultLCID
IsValidLocale
RtlUnwind
HeapSetInformation
GetStartupInfoW
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetProcAddress
SetUnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetSystemTimeAsFileTime
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
FatalAppExitA
GetCPInfo
GetACP
IsValidCodePage
HeapFree
Sleep
SetConsoleCtrlHandler
InterlockedExchange
GetLocaleInfoW
HeapAlloc
IsProcessorFeaturePresent
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapReAlloc
HeapSize

rtm

RtmReleaseEntities

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f7e4b2a39dde2dd4300e3511b66cca5

Headers

File Characteristics

Imports

advapi32

user32

kernel32

rtm

Sections

.text Size: 92KB - Virtual size: 88KB

.data Size: 60KB - Virtual size: 56KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 92KB - Virtual size: 88KB

.data
Size: 60KB - Virtual size: 56KB

.rsrc
Size: 12KB - Virtual size: 9KB