18701dca6210c1afce69a969e052fedd63737f89d7a8aa780f61438c0ab21bde

Sharing

Copy URL Twitter E-mail

General

Target

18701dca6210c1afce69a969e052fedd63737f89d7a8aa780f61438c0ab21bde
Size

263KB
MD5

61d9821a83be056256194e9861444d19
SHA1

266fc680a4dffc5fd7f8050bd6bfee584f9eb2c0
SHA256

18701dca6210c1afce69a969e052fedd63737f89d7a8aa780f61438c0ab21bde
SHA512

8257c3aaf112030a5a38528979f4c1ef12376e59b3c759561ed90f007f55a00b70b4a272ee3fba53c9696bf04bc803b9b74170cfcc492c50eb18c99361c4d938
SSDEEP

6144:6Rm+GnikaKx96Bqzmkq9ZOc/2R4aApr4kIN3ViU:4GipKfx6VYg2TNli

Score

N/A

Malware Config

Signatures

Files

18701dca6210c1afce69a969e052fedd63737f89d7a8aa780f61438c0ab21bde
.exe windows x86

f3de3d844807e988af8780f97ec6355b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

OemToCharW
GetKBCodePage
SetRect
DdeSetUserHandle
SetPropA
DdeNameService
GetDC
GetClassWord
PostThreadMessageW
DefMDIChildProcA
CreateDesktopA
OpenWindowStationA
WinHelpW
IsCharUpperW
DefWindowProcA
CloseClipboard
DrawFrameControl
EnumWindowStationsW
SetPropW
InsertMenuItemA

advapi32

LookupAccountNameW
RegFlushKey
ReportEventW
RegOpenKeyExW
LookupPrivilegeValueW
CryptDuplicateHash
RegSetValueExA
CryptAcquireContextA
InitiateSystemShutdownW
RegOpenKeyW

kernel32

GetStringTypeA
WideCharToMultiByte
HeapReAlloc
GetModuleFileNameA
LCMapStringW
GetTimeZoneInformation
GetCommandLineA
GetFileType
TlsSetValue
GetOEMCP
LockFileEx
TlsGetValue
LoadLibraryA
HeapCreate
GetVersionExA
IsValidCodePage
VirtualAlloc
SetUnhandledExceptionFilter
QueryPerformanceCounter
DeleteCriticalSection
SetConsoleCtrlHandler
InitializeCriticalSection
HeapSize
GetLocaleInfoW
HeapDestroy
GetEnvironmentStrings
SetHandleCount
IsValidLocale
EnumCalendarInfoExA
EnumSystemLocalesA
GetLastError
InterlockedIncrement
GetLocaleInfoA
Sleep
TerminateProcess
ReadConsoleOutputA
CreateFileA
GetTickCount
MultiByteToWideChar
GetStartupInfoA
LocalCompact
GetCurrentThread
UnhandledExceptionFilter
GetProcessHeap
HeapFree
GetACP
GetSystemTimeAsFileTime
SetEvent
TlsFree
GetCurrencyFormatW
CompareStringW
WriteFile
TransactNamedPipe
VirtualFree
EnterCriticalSection
GetVolumeInformationA
GetDateFormatA
HeapAlloc
UnmapViewOfFile
GetEnvironmentStringsW
CompareStringA
GetCPInfo
GetTimeFormatA
GetStringTypeW
SetEnvironmentVariableA
FreeEnvironmentStringsA
LeaveCriticalSection
ExitProcess
GetPrivateProfileIntW
GetModuleHandleW
RtlUnwind
VirtualQuery
GetCurrentProcessId
InterlockedDecrement
SetLastError
GetCurrentThreadId
FreeLibrary
TlsAlloc
GetStdHandle
FreeEnvironmentStringsW
CloseHandle
GetCompressedFileSizeW
TryEnterCriticalSection
GetProcAddress
IsDebuggerPresent
GetComputerNameA
GetCurrentProcess
GetUserDefaultLCID
InterlockedExchange
LCMapStringA
GetModuleHandleA
EnumSystemCodePagesW

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3de3d844807e988af8780f97ec6355b

Headers

File Characteristics

Imports

user32

advapi32

kernel32

Sections

.text Size: 109KB - Virtual size: 109KB

.rdata Size: 9KB - Virtual size: 12KB

.data Size: 137KB - Virtual size: 136KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 109KB - Virtual size: 109KB

.rdata
Size: 9KB - Virtual size: 12KB

.data
Size: 137KB - Virtual size: 136KB

.rsrc
Size: 7KB - Virtual size: 6KB