942c5b7550880e51de14b5c6691b15de42a8af5047b9464fbed03663d5c0d081

Sharing

Copy URL Twitter E-mail

General

Target

942c5b7550880e51de14b5c6691b15de42a8af5047b9464fbed03663d5c0d081
Size

139KB
MD5

6f5b411b9d1f5d04f8b31e619f473e58
SHA1

2e35ef8320e6cf5c6272a2657b506c2745d7e251
SHA256

942c5b7550880e51de14b5c6691b15de42a8af5047b9464fbed03663d5c0d081
SHA512

b283de4af4e50f88eb191fb5c038aae6dc183447cc66edfe761836987c9759878fbce0d22659110e208cf962e50ad827e972182cc43bf59caa905df53320de2b
SSDEEP

3072:qtLwYDomTa61m7552r/lzWA8r1E7LUhLTCO6yrBc+4A0Vbss:ALbzTa6160lz4xaIVT6yrBp4

Score

N/A

Malware Config

Signatures

Files

942c5b7550880e51de14b5c6691b15de42a8af5047b9464fbed03663d5c0d081
.exe windows x86

7b2b6ade7d19c019d823bd4b6b9ba8df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetUserObjectSecurity
wsprintfW
GetUserObjectSecurity
LoadStringW

shell32

CommandLineToArgvW

mfc42u

ord2756
ord922
ord535
ord925
ord5601
ord3971
ord825
ord823
ord800
ord858
ord540
ord538
ord415
ord715
ord5616
ord4124
ord1081
ord4199
ord942
ord5706
ord861
ord3658
ord1863
ord2606
ord996
ord927

msvcrt

__CxxFrameHandler
time
fclose
printf
_iob
wcscmp
_wcsnicmp
fputws
ctime
fwprintf
_wfopen
fgetws
fflush
clock
_c_exit
_exit
_XcptFilter
_cexit
exit
__initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
??1type_info@@UAE@XZ
_controlfp
?terminate@@YAXXZ

advapi32

LookupPrivilegeValueW
OpenProcessToken
GetUserNameW
SetFileSecurityW
GetFileSecurityW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
AdjustTokenPrivileges

kernel32

BackupRead
BackupWrite
lstrcpyW
FindNextFileW
RemoveDirectoryW
GlobalAlloc
CreateFileW
SetFileAttributesW
CreateDirectoryExW
CreateDirectoryW
GetFileAttributesW
FindFirstFileW
FindClose
GlobalFree
GetVolumeInformationW
CompareFileTime
FormatMessageW
WideCharToMultiByte
GetVersion
lstrcmpiW
lstrcatW
ExpandEnvironmentStringsW
CopyFileExW
lstrcmpW
GetSystemTime
FileTimeToSystemTime
LocalFileTimeToFileTime
lstrlenW
GetModuleHandleW
SystemTimeToFileTime
GetCommandLineW
SetErrorMode
FindFirstChangeNotificationW
CreateWaitableTimerW
SetWaitableTimer
WaitForMultipleObjects
CloseHandle
FindCloseChangeNotification
FindNextChangeNotification
GetCurrentProcessId
OpenProcess
GetLastError
SetLastError
GetLocalTime
SetFileTime
Sleep
DeleteFileW
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetFullPathNameW
GetSystemTimeAsFileTime

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b2b6ade7d19c019d823bd4b6b9ba8df

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

mfc42u

msvcrt

advapi32

kernel32

Sections

.text Size: 53KB - Virtual size: 52KB

.data Size: 512B - Virtual size: 135KB

Size: 61KB - Virtual size: 60KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 53KB - Virtual size: 52KB

.data
Size: 512B - Virtual size: 135KB

.rsrc
Size: 23KB - Virtual size: 23KB