538bfb1ebdf24395eaf320bff49622c805a12ada779c9c906722d5549df33816

General

Target

538bfb1ebdf24395eaf320bff49622c805a12ada779c9c906722d5549df33816
Size

139KB
MD5

6ee36098fda31966d8e7f7fcb8e23c30
SHA1

0524916e099449079f170aa5082c1af45f50619f
SHA256

538bfb1ebdf24395eaf320bff49622c805a12ada779c9c906722d5549df33816
SHA512

449e39fca613360ab1c760c1965d021e5a5bfbcfec30a1f88086afb64ac735922b710b53d0ffe19a209e6dc53db71441ef561b8323dbfff2e3c77cd203364d60
SSDEEP

3072:mYLEQzdFj2owwlIj7B9AmfFEUYopt2VQd+1eXsbIPh1ER:xcowwlIrAaqkcP1eXsbug

Score

N/A

Malware Config

Signatures

Files

538bfb1ebdf24395eaf320bff49622c805a12ada779c9c906722d5549df33816
.exe windows x86

c0700bc192ef7851c74337c6a921a1be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptBinaryToStringA

shlwapi

PathAppendW

user32

GetDC
LoadAcceleratorsA
LoadCursorA
LoadIconA
RegisterClassA

ws2_32

WSACleanup
WSAStartup

kernel32

CreateEventA
CreateFileA
CreateMutexA
DeleteFileA
DeleteFileW
FindFirstFileA
GetComputerNameA
GetDriveTypeA
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GetSystemDirectoryW
GetTickCount
GetVersionExA
LoadLibraryA
SearchPathA
VirtualProtect
lstrcmpiA
GetShortPathNameA

ntdll

DbgPrint
NtClose
NtOpenFile
NtOpenKey
NtOpenSymbolicLinkObject
NtQueryInformationProcess
NtQuerySymbolicLinkObject
NtQuerySystemInformation
NtQueryValueKey
NtQueryVolumeInformationFile
RtlAllocateHeap
RtlDosPathNameToNtPathName_U
RtlFreeHeap
RtlFreeUnicodeString
RtlInitUnicodeString
RtlLeaveCriticalSection
RtlSetEnvironmentVariable
RtlInitializeCriticalSection

advapi32

RegQueryValueExA
RegQueryInfoKeyA

Sections

AUTO
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DGROUP
Size: 127KB - Virtual size: 346KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0700bc192ef7851c74337c6a921a1be

Headers

File Characteristics

Imports

crypt32

shlwapi

user32

ws2_32

kernel32

ntdll

advapi32

Sections

AUTO Size: 7KB - Virtual size: 6KB

DGROUP Size: 127KB - Virtual size: 346KB

.idata Size: 2KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size:

.rsrc Size: 1024B - Virtual size:

AUTO
Size: 7KB - Virtual size: 6KB

DGROUP
Size: 127KB - Virtual size: 346KB

.idata
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size:

.rsrc
Size: 1024B - Virtual size: