a73165bb995e32a22368b49882f4596dea195298018ae085bb5b7c4057f362f4

Sharing

Copy URL

Twitter E-mail

General

Target

a73165bb995e32a22368b49882f4596dea195298018ae085bb5b7c4057f362f4
Size

474KB
MD5

7b973dbd69c6377d86f4cbfe9e02131b
SHA1

ab02936507adb1cb285978db6b7ea526843b5183
SHA256

a73165bb995e32a22368b49882f4596dea195298018ae085bb5b7c4057f362f4
SHA512

0dc6cb257f5c0e1e010d9bf6aa437340927ca5538aa00cf7f23d621b4b0e2178c027b6c55a63232c5429750e83554233133d98d81edd51df3a62e8ac7adb0a83
SSDEEP

3072:vHvErQII2i5QtKel0mkHvRlX3T5lB3gJEZgDgqONjZw3kXPxww8gF3nEVnPn/waY:kra2MSl0NvP9lWQwgqONjZSw8gF6Pn/

Score

N/A

Malware Config

Signatures

Files

a73165bb995e32a22368b49882f4596dea195298018ae085bb5b7c4057f362f4
.exe windows x86

95fb4a3c838f195bb1bb828b220be0a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
DuplicateHandle
GetCurrentProcessId
DeleteFileA
GetSystemDirectoryA
GetConsoleScreenBufferInfo
GetStdHandle
WaitForSingleObject
CreateProcessA
GetCommandLineA
ExpandEnvironmentStringsA
GetFileAttributesA
OpenProcess
GetModuleHandleA
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetDriveTypeA
DeviceIoControl
FormatMessageA
LocalAlloc
LoadLibraryA
GetModuleFileNameA
LocalFree
GetStringTypeA
GetProcAddress
SetLastError
CreateFileA
FindResourceA
LoadResource
SizeofResource
LockResource
GetCurrentProcess
GetLastError
GetVersion
CloseHandle
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
WriteFile
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
ReadFile
FlushFileBuffers
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
SetStdHandle
SetFilePointer

user32

GetSysColorBrush
LoadCursorA
SetCursor
InflateRect
GetDlgItem
SendMessageA
EndDialog
SetWindowTextA
DialogBoxIndirectParamA

gdi32

SetMapMode
StartDocA
StartPage
EndPage
EndDoc
GetDeviceCaps

comdlg32

PrintDlgA

advapi32

LookupAccountSidA
RegQueryValueExA
RegCreateKeyA
RegSetValueExA
RegCloseKey
RegDeleteKeyA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetTokenInformation

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 116KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 308KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

95fb4a3c838f195bb1bb828b220be0a0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 116KB - Virtual size: 143KB

.rsrc Size: 308KB - Virtual size: 308KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 116KB - Virtual size: 143KB

.rsrc
Size: 308KB - Virtual size: 308KB