f16293d005947b4cde5bd53758c55e376698096d1f9707b5a5fca2f3c7066c1a

Sharing

Copy URL Twitter E-mail

General

Target

f16293d005947b4cde5bd53758c55e376698096d1f9707b5a5fca2f3c7066c1a
Size

450KB
MD5

7585b9cfbde0949c3b91d64c8518ed96
SHA1

7c5cdcb79b8f439b27ec867ffe2a65a3bccc1c89
SHA256

f16293d005947b4cde5bd53758c55e376698096d1f9707b5a5fca2f3c7066c1a
SHA512

d8a408b5281f0407c6e51ebea3c9f3496c601c87fcb48d2cb76d883baabe77fed86aa5a4ad4e9daa7109c5e06ea76a98bd00b19f76eb9a12de3956ecf1ad52d7
SSDEEP

12288:nDCh6KrebI0gaOpjCOPrW3dZgtNWAl2Atk:nOUKX0PGrmZ+2Atk

Score

N/A

Malware Config

Signatures

Files

f16293d005947b4cde5bd53758c55e376698096d1f9707b5a5fca2f3c7066c1a
.exe windows x86

3c6d0217bab76725f1671fb003bf080f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItemInt
CascadeWindows
GetWindowTextLengthA
ChildWindowFromPoint

advapi32

ReadEventLogA
ClearEventLogA
RegLoadKeyA
AdjustTokenPrivileges
BackupEventLogA
AdjustTokenGroups
PrivilegeCheck
RegOpenKeyA
OpenEventLogA

kernel32

VerLanguageNameA
WritePrivateProfileStructA
GetProfileSectionA
GetModuleHandleA
GetProcAddress
GetProcessHeap
TlsGetValue
LocalReAlloc
CreateSemaphoreA
LocalLock
VirtualAlloc
GetComputerNameA
SetEvent
GetExitCodeThread
QueryPerformanceCounter
LocalHandle
GetCurrentProcess
GetLastError
GetFullPathNameA
HeapFree
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCurrentDirectoryA
GetDriveTypeA
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
SetFilePointer
ReadFile
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
HeapReAlloc
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteFile
MultiByteToWideChar
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
RtlUnwind
CloseHandle
CreateFileA
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
FlushFileBuffers
SetEndOfFile
LCMapStringA
LCMapStringW

version

VerInstallFileA
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerFindFileA

uxtheme

GetThemeTextExtent

wsnmp32

ord200

activeds

ord3
ord9
ord23

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 543KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 405KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c6d0217bab76725f1671fb003bf080f

Headers

File Characteristics

Imports

user32

advapi32

kernel32

version

uxtheme

wsnmp32

activeds

Sections

.text Size: 27KB - Virtual size: 26KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 3KB - Virtual size: 543KB

.rsrc Size: 405KB - Virtual size: 404KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 27KB - Virtual size: 26KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 3KB - Virtual size: 543KB

.rsrc
Size: 405KB - Virtual size: 404KB

.reloc
Size: 4KB - Virtual size: 4KB