16b1fb8f561d67d4d1d94b7d9afbc29247736cee78453cc1c791001635d95bce

Sharing

Copy URL Twitter E-mail

General

Target

16b1fb8f561d67d4d1d94b7d9afbc29247736cee78453cc1c791001635d95bce
Size

292KB
MD5

78cf2301b03ba39d1afa807852d88a6a
SHA1

5a07d904751e310c8cf88785977214d772bbd54e
SHA256

16b1fb8f561d67d4d1d94b7d9afbc29247736cee78453cc1c791001635d95bce
SHA512

7b95a6b52018daa0f2e09bc950bd3ca6dcb093429461556c98cd961d18efa6f9e2e90266e5780d2c9214e610e96b280405c6aca129f4361cf5d5149ab8c65d5f
SSDEEP

6144:cI+LGKI1clP6QZLncxTilX5NfdWvkjTYCwkEo8DzP+w01zOXOpmJNzA3QxQz:/KlTSK0kEC1zSHmwQ

Score

N/A

Malware Config

Signatures

Files

16b1fb8f561d67d4d1d94b7d9afbc29247736cee78453cc1c791001635d95bce
.exe windows x86

0dfd9f03b8f704ca83c8ac13b487c2c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
PeekMessageA
SendMessageA
GetClientRect
GetActiveWindow
GetLastActivePopup
GetKeyState
GetSystemMetrics
LoadIconA
DrawIconEx
DestroyIcon
GetParent
InvalidateRect
ScreenToClient
GetWindowRect
FillRect
InflateRect
CopyRect
DrawStateA
GetForegroundWindow
LoadStringA
UpdateWindow
MessageBoxA
ReleaseDC
GetDC
LoadImageA
EnableWindow
DispatchMessageA

advapi32

RegQueryValueExA
OpenProcessToken
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
ImpersonateSelf
OpenThreadToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
RevertToSelf
FreeSid
RegDeleteKeyA

comctl32

_TrackMouseEvent

msvcr71

_controlfp
_onexit
__dllonexit
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit

kernel32

CreateProcessA
GetExitCodeProcess
VerifyVersionInfoA
WaitForSingleObject
LoadLibraryExA
VerSetConditionMask
GetVersionExA
LocalFree
GetCurrentProcess
LocalAlloc
GetCurrentThread
InterlockedExchange
InterlockedCompareExchange
HeapSetInformation
GetStartupInfoA
SetUnhandledExceptionFilter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetComputerNameA
VirtualProtect
SetTapeParameters
CreateEventA
InitializeCriticalSection
SetErrorMode
CloseHandle
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
FreeLibrary
GetDateFormatA
lstrlenA
ActivateActCtx
GetLastError
DeactivateActCtx
SetLastError
GetProcAddress
GetModuleHandleA
LoadLibraryA
CreateThread
Sleep
lstrcpyA
lstrcatA
InterlockedDecrement
InterlockedIncrement
lstrcmpiA
QueryPerformanceCounter

Sections

.text
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0dfd9f03b8f704ca83c8ac13b487c2c2

Headers

File Characteristics

Imports

user32

advapi32

comctl32

msvcr71

kernel32

Sections

.text Size: 178KB - Virtual size: 177KB

.rdata Size: 22KB - Virtual size: 22KB

.data Size: 89KB - Virtual size: 148KB

.rsrc Size: 1024B - Virtual size: 800B

.text
Size: 178KB - Virtual size: 177KB

.rdata
Size: 22KB - Virtual size: 22KB

.data
Size: 89KB - Virtual size: 148KB

.rsrc
Size: 1024B - Virtual size: 800B