1600f37081e5f2bf78edb0d465b99a82900b453790c3ebe806ed967276d53b0c

Sharing

Copy URL Twitter E-mail

General

Target

1600f37081e5f2bf78edb0d465b99a82900b453790c3ebe806ed967276d53b0c
Size

215KB
MD5

6e060a83a8fce9335a8706a31611fd00
SHA1

5a7faccc29fdda0ee0df355bf389292159c1e584
SHA256

1600f37081e5f2bf78edb0d465b99a82900b453790c3ebe806ed967276d53b0c
SHA512

a0f98de42e1430fa540bb952e1517bfcba637d96ca14a8da6535fa220dc936a5f90778a9dd068a3265a5e7862ab9ed67a743416c436056aa8b8cfc91b12b61e2
SSDEEP

3072:15fTEoGe4DmzUA3XG/1f7OaFaEzwhtucaIHqTFYPHEa9JZe7XtFRAZPMf+HpsE3g:T3Sm6xOiX2tuFIKTFoHf907RAif++nxz

Score

N/A

Malware Config

Signatures

Files

1600f37081e5f2bf78edb0d465b99a82900b453790c3ebe806ed967276d53b0c
.exe windows x86

472ceb21d139cd1bddc559c4fc19863b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyW
RegDeleteKeyA
RegSetValueExA
OpenProcessToken
RegEnumValueW
RegQueryValueExA
RegQueryInfoKeyA
RegQueryValueExW
RegEnumKeyA
RegDeleteValueW
RegEnumKeyW
RegEnumValueA
RegCreateKeyA
RegSetValueExW
RegOpenKeyA
RegDeleteKeyW
LookupPrivilegeValueA
RegCloseKey
AdjustTokenPrivileges
RegOpenKeyW
RegDeleteValueA

kernel32

FileTimeToSystemTime
GetStringTypeA
HeapDestroy
GetStringTypeW
SetHandleCount
GlobalLock
HeapSize
GetDriveTypeA
GetFullPathNameA
TlsAlloc
ReadFile
GetLocalTime
GetEnvironmentStringsA
DeleteCriticalSection
RtlUnwind
InterlockedIncrement
SetFileTime
TlsGetValue
GetStdHandle
FormatMessageW
FreeLibrary
RemoveDirectoryA
GetModuleFileNameW
FindClose
RaiseException
SetEndOfFile
GetFileType
DeleteFileA
GetUserDefaultLCID
SetFilePointer
GlobalUnlock
GetUserDefaultLangID
MultiByteToWideChar
lstrcmpiA
GetCPInfo
GetVersion
IsDBCSLeadByte
CompareStringA
LeaveCriticalSection
SetEnvironmentVariableA
SetLastError
VirtualQuery
SetStdHandle
LoadLibraryW
GetTimeZoneInformation
WideCharToMultiByte
LockFile
GetLastError
LCMapStringW
HeapFree
FreeEnvironmentStringsA
GetVolumeInformationA
GetStartupInfoA
GetCurrentDirectoryA
FindNextFileA
HeapReAlloc
GetComputerNameA
HeapAlloc
InterlockedDecrement
CloseHandle
GetEnvironmentStrings
GetLocaleInfoW
IsValidCodePage
GetModuleFileNameA
WriteFile
FlushFileBuffers
SetCurrentDirectoryA
CreateDirectoryA
CompareStringW
SetErrorMode
IsBadReadPtr
GlobalFree
GlobalAlloc
LCMapStringA
FindFirstFileA
CreateFileA
TlsSetValue
GetFileTime
VirtualFree
HeapCreate
UnlockFile
FileTimeToLocalFileTime
GetTickCount
FreeEnvironmentStringsW
SetLocalTime
GetLocaleInfoA
GetFileAttributesA
GetCurrentProcess
GetCommandLineA
SetFileAttributesA

ole32

BindMoniker
CoDisconnectObject
CoGetMalloc
CreateBindCtx
CoCreateInstance
MkParseDisplayName
CoGetClassObject

user32

CharUpperBuffA
UnhookWindowsHookEx
CharToOemA
WaitForInputIdle
SetWindowsHookExW
GetKeyboardLayout
AttachThreadInput
CharLowerBuffW
SetKeyboardState
GetForegroundWindow
MessageBeep
SetForegroundWindow
IsWindowVisible
GetWindowThreadProcessId
SetFocus
GetWindowTextA
keybd_event
GetWindow
SendMessageA
FindWindowA
CallNextHookEx
LoadStringA
VkKeyScanW
CharUpperBuffW
GetAsyncKeyState
GetKeyboardState
GetFocus
CharLowerBuffA
FindWindowW
OemToCharA
IsWindowEnabled
VkKeyScanA
GetSystemMetrics
SetWindowsHookExA

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

472ceb21d139cd1bddc559c4fc19863b

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

user32

Sections

.text Size: 122KB - Virtual size: 122KB

.rdata Size: 63KB - Virtual size: 63KB

.rdata Size: 24KB - Virtual size: 23KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 122KB - Virtual size: 122KB

.rdata
Size: 63KB - Virtual size: 63KB

.rdata
Size: 24KB - Virtual size: 23KB

.rsrc
Size: 3KB - Virtual size: 2KB