15f710a8ffab943c1b9780af3fe500e3620889a9602d26bc0e66f4e0b4b040eb

Sharing

Copy URL Twitter E-mail

General

Target

15f710a8ffab943c1b9780af3fe500e3620889a9602d26bc0e66f4e0b4b040eb
Size

254KB
MD5

6c6d7b3457d625eca822e41437bf9bc0
SHA1

01d6d0faf55e729a832f5f71ef743c5954e3e637
SHA256

15f710a8ffab943c1b9780af3fe500e3620889a9602d26bc0e66f4e0b4b040eb
SHA512

a613fa92c0031bacde95cf8a763957aff4dd9aa97e3e012c04d6051e8b29fd2b59c6895042eedbab63895b6cb0e8d72073eb86efdaf51583549c8b57f4a9b279
SSDEEP

6144:zsyD1cvReP9aqSX7NgbS7UvOpCh6XZOul4w8DUP6AH:w49a/Wvvgpb49oyAH

Score

N/A

Malware Config

Signatures

Files

15f710a8ffab943c1b9780af3fe500e3620889a9602d26bc0e66f4e0b4b040eb
.exe windows x86

59dc4efaa7d8afd8d31cd48ac65d7260

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
lstrcpyA
lstrcatA
lstrlenA
GetVersionExA
GetModuleHandleA
lstrcmpA
HeapCreate
GetACP
GetCPInfo
GetLocaleInfoW
GetLocaleInfoA
LoadLibraryA
GetStringTypeW
GetFileAttributesA
GetOEMCP
GetEnvironmentStringsW
GetStringTypeA
MultiByteToWideChar
GetVersion
InitializeCriticalSection
ExitProcess
GetCurrentProcess
GetCurrentThreadId
TlsAlloc
GetLastError
GetModuleFileNameA
GetStartupInfoA
GetProcessHeap
GetProcAddress

user32

MessageBoxA
SetDlgItemTextA
wsprintfA
DialogBoxParamA
EndDialog
MoveWindow
EnumWindows
IsIconic
ShowWindow
OffsetRect
GetSystemMetrics

comdlg32

GetOpenFileNameA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA

imagehlp

FindFileInPath
SymSetOptions
SymGetModuleInfoW
SymUnDName64
SymUnloadModule64
SymGetSymFromAddr
SymLoadModule
SymGetTypeInfo
SymEnumerateSymbols
StackWalk
SymEnumerateModules64
SymMatchString
SymSetContext
SearchTreeForFile
SymEnumSymbols
SymFunctionTableAccess
MapFileAndCheckSumW
SymGetModuleInfoW64

utildll

EnumerateMultiUserServers
CtxGetAnyDCName
GetUnknownString
CurrentDateTimeString

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rn
Size: 1024B - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.WmSh
Size: 2KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 78KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iSB
Size: 2KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 138KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ypGo
Size: 2KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59dc4efaa7d8afd8d31cd48ac65d7260

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

imagehlp

utildll

Sections

.text Size: 2KB - Virtual size: 2KB

.rn Size: 1024B - Virtual size: 50KB

.text Size: 16KB - Virtual size: 16KB

.WmSh Size: 2KB - Virtual size: 326KB

.rdata Size: 2KB - Virtual size: 30KB

.edata Size: 78KB - Virtual size: 136KB

.iSB Size: 2KB - Virtual size: 65KB

.data Size: 6KB - Virtual size: 19KB

.edata Size: 138KB - Virtual size: 163KB

.ypGo Size: 2KB - Virtual size: 75KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 2KB - Virtual size: 2KB

.rn
Size: 1024B - Virtual size: 50KB

.text
Size: 16KB - Virtual size: 16KB

.WmSh
Size: 2KB - Virtual size: 326KB

.rdata
Size: 2KB - Virtual size: 30KB

.edata
Size: 78KB - Virtual size: 136KB

.iSB
Size: 2KB - Virtual size: 65KB

.data
Size: 6KB - Virtual size: 19KB

.edata
Size: 138KB - Virtual size: 163KB

.ypGo
Size: 2KB - Virtual size: 75KB

.rsrc
Size: 2KB - Virtual size: 1KB