1b2814f60cda0cd82dac805a6339dff2f58f5e9363fae8ed7e547957ddf554f2

Sharing

Copy URL Twitter E-mail

General

Target

1b2814f60cda0cd82dac805a6339dff2f58f5e9363fae8ed7e547957ddf554f2
Size

164KB
MD5

623f3f2a9f27c8d726d7dcb571361740
SHA1

1a7c7b27b4e6d0056da2844e36dd9aed174c972f
SHA256

1b2814f60cda0cd82dac805a6339dff2f58f5e9363fae8ed7e547957ddf554f2
SHA512

e8a39843c7136c5be21bbfbefe20d554e61d5dda49c9698e3d8d7759e7ffd971edbe0e1f6d04d038ed9ac4d8bdbe196d0ca6bf6ba5c5044feb588fad3c8fd2a4
SSDEEP

3072:UGPO9iE6eZt3E/JeeSMJOoMtBHJrxuunDACQ64WdeEklB:fPO9Dt3EBSJ42C4deZlB

Score

N/A

Malware Config

Signatures

Files

1b2814f60cda0cd82dac805a6339dff2f58f5e9363fae8ed7e547957ddf554f2
.exe windows x86

fc94c4254e279bc812821bde57c6fef4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExitCodeProcess
DeleteFileA
SetFileAttributesA
CopyFileA
FindClose
FindFirstFileA
Sleep
WritePrivateProfileStringA
GetSystemDirectoryA
RemoveDirectoryA
FindNextFileA
CreateDirectoryA
GetOEMCP
GetACP
GetCPInfo
CreateFileA
SetCurrentDirectoryA
GetCurrentDirectoryA
CloseHandle
MultiByteToWideChar
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
GetStartupInfoA
HeapReAlloc
VirtualAlloc
WriteFile
GetLocalTime
GetLastError
GetWindowsDirectoryA
LoadLibraryA
GetProcAddress
GetVersionExA
GetStringTypeA
GetStringTypeW
LCMapStringW
VirtualFree
HeapCreate
FreeLibrary
LCMapStringA
TerminateProcess
GetModuleHandleA
HeapAlloc
HeapFree
GetCommandLineA
GetVersion
ExitProcess
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy

user32

GetWindowLongA
SendMessageA
FindWindowA
wsprintfA
BringWindowToTop
DestroyWindow
LoadCursorA
RegisterClassA
CreateWindowExA
SetWindowLongA
TranslateMessage
DefWindowProcA
LoadIconA
DispatchMessageA
MessageBoxA
LoadStringA
GetMessageA
PostMessageA
wvsprintfA
CharUpperA
PostQuitMessage
IsWindow

gdi32

GetStockObject

advapi32

RegFlushKey
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteExA

setupapi

SetupFindFirstLineA
SetupOpenAppendInfFileA
SetupDefaultQueueCallbackA
SetupTermDefaultQueueCallback
SetupInstallFromInfSectionA
SetupGetLineCountA
SetupGetLineByIndexA
SetupOpenFileQueue
SetupQueueCopySectionA
SetupCommitFileQueueA
SetupCloseFileQueue
SetupCopyOEMInfA
SetupCloseInfFile
SetupOpenInfFileA
SetupInitDefaultQueueCallback
SetupInstallServicesFromInfSectionA
SetupGetLineTextA

comctl32

ord17

shlwapi

SHDeleteKeyA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fc94c4254e279bc812821bde57c6fef4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

setupapi

comctl32

shlwapi

version

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 20KB - Virtual size: 19KB

.rsrc Size: 76KB - Virtual size: 76KB

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 20KB - Virtual size: 19KB

.rsrc
Size: 76KB - Virtual size: 76KB