1090f5c006c8c556abc6ac1894e15668ac5b20a3736d17e8b96e026ad1e0410a

Sharing

Copy URL

Twitter E-mail

General

Target

1090f5c006c8c556abc6ac1894e15668ac5b20a3736d17e8b96e026ad1e0410a
Size

58KB
MD5

baf0d571c01014bdd6948aed75537222
SHA1

70e01c99656792eeb9c2abbb318c966f0b126f28
SHA256

1090f5c006c8c556abc6ac1894e15668ac5b20a3736d17e8b96e026ad1e0410a
SHA512

ee8052fcfbe5a27a157bd644fc9243293c71bc531fd3c46097cf050167f0c084c50ef3a0a38ee041d65e957b1b9aef34795daeb9e55d63dd5ee3bbade8bf80c1
SSDEEP

1536:4Dg5SMGeyCHVaR+trAZCu5IoZSAzcwf3MveTdXMLk:4cxGjqDr+5IoZSAzcwf3MvwdXM

Score

N/A

Malware Config

Signatures

Files

1090f5c006c8c556abc6ac1894e15668ac5b20a3736d17e8b96e026ad1e0410a
.exe windows x86

39ca950ca9c0bbcb0132469af66eeef2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
DeregisterEventSource
GetTokenInformation
IsWellKnownSid
OpenProcessToken
RegisterEventSourceA
ReportEventA

setupapi

SetupRenameErrorA
SetupUninstallOEMInfA

kernel32

CloseHandle
CompareStringA
CompareStringW
CreateEventA
CreateMutexA
CreatePipe
DefineDosDeviceA
DeleteCriticalSection
DeleteVolumeMountPointA
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstVolumeA
FindFirstVolumeW
FindNextVolumeA
FindNextVolumeW
FindVolumeClose
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceA
GetEnvironmentStringsA
GetEnvironmentStringsW
GetExitCodeProcess
GetFileInformationByHandle
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDrives
GetOEMCP
GetProcessHeap
GetProcessTimes
GetProcessWorkingSetSize
GetShortPathNameA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDirectoryA
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetThreadTimes
GetTimeZoneInformation
GetUserDefaultLCID
GetVolumeInformationA
GetVolumeInformationW
GetVolumeNameForVolumeMountPointA
GetVolumePathNameA
GetWindowsDirectoryA
GlobalMemoryStatus
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LocalFree
MoveFileA
MultiByteToWideChar
OpenMutexA
PeekNamedPipe
QueryDosDeviceA
QueryDosDeviceW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReleaseMutex
ResetEvent
ResumeThread
RtlUnwind
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFilePointer
SetFilePointerEx
SetFileTime
SetHandleCount
SetHandleInformation
SetLastError
SetProcessShutdownParameters
SetStdHandle
SetUnhandledExceptionFilter
SetVolumeMountPointA
SizeofResource
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualFree
VirtualQuery
VirtualUnlock
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
lstrlenW

user32

OpenInputDesktop
OpenWindowStationA

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
CreatePen
DeleteDC
DeleteObject
GetCurrentObject
GetDeviceCaps
GetObjectA
GetStockObject
GetTextExtentPoint32W
GetTextMetricsA
LineTo
MoveToEx
SelectObject
SetMapMode
SetStretchBltMode
StretchBlt

shell32

CommandLineToArgvW
DragAcceptFiles
DragFinish
DragQueryFileA
SHBrowseForFolderW
SHChangeNotify
SHGetFileInfoA
SHGetFolderPathA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderPathA
Shell_NotifyIconA
Shell_NotifyIconW

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 255B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39ca950ca9c0bbcb0132469af66eeef2

Headers

File Characteristics

Imports

advapi32

setupapi

kernel32

user32

gdi32

shell32

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 255B

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 255B

.rsrc
Size: 19KB - Virtual size: 18KB