38786492f6eee052875a4d83e479051f2ad4fc44c84f6d8098daee37236726a9

Sharing

Copy URL Twitter E-mail

General

Target

38786492f6eee052875a4d83e479051f2ad4fc44c84f6d8098daee37236726a9
Size

541KB
MD5

67ba8ad9a34b2cc4538df3a71280deee
SHA1

199b5d016eee4828108d6b823ef03c506113c74e
SHA256

38786492f6eee052875a4d83e479051f2ad4fc44c84f6d8098daee37236726a9
SHA512

bee7519cb1c86b31848f9e76116049be510545f4eaeb08f99f17f0c8e54b0849e775f63b22be15c82e2b9d44009fbac390d927b260c7eca524183f7b21948288
SSDEEP

12288:jtz/VYRwV4U/xUDXLwacaV/NYCFFVegltwPonsveR:jt7VYRwOUZUXNFFVLltwPj

Score

N/A

Malware Config

Signatures

Files

38786492f6eee052875a4d83e479051f2ad4fc44c84f6d8098daee37236726a9
.exe windows x86

732b737a6448e5b4b50f8527d2b10b83

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_abnormal_termination
_mbsnbicmp
_mbsnbcmp
wcsncmp
_mbsncmp
_mbslwr
isspace
_mbsnicmp
setlocale
_vsnprintf
_iob
fprintf
_snprintf
_pctype
_ismbcspace
wcscmp
_mbsnextc
memmove
_mbsdec
_mbsicmp
wcsrchr
wcscpy
wcslen
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
_mbctoupper
_mbctolower
_mbscpy
_mbslen
_mbscmp
strchr
wcschr
_ismbblead
_mbsinc
_mbsrchr
_wcsnicmp
_mbschr

advapi32

RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExW
RegOpenKeyExA
RegSetValueExA

kernel32

SetFilePointer
SetErrorMode
FindFirstFileA
CreateMutexA
InterlockedIncrement
InterlockedExchange
RaiseException
lstrcpyA
lstrlenA
CloseHandle
ReadFile
CreateFileA
GetFileAttributesA
SetFileAttributesA
GetPrivateProfileStringA
GetWindowsDirectoryA
SetCurrentDirectoryW
SetEnvironmentVariableW
GetEnvironmentVariableW
SetLastError
WriteFile
WritePrivateProfileStringA
MoveFileA
CopyFileA
DeleteFileA
GetDriveTypeA
GetLogicalDrives
GetSystemDirectoryA
GetProcAddress
GetLastError
LoadLibraryExA
GetCommandLineA
SetCurrentDirectoryA
HeapFree
FreeLibrary
GetModuleFileNameA
GetProcessHeap
DeviceIoControl
Thread32Next
ResumeThread
SuspendThread
Thread32First
CreateToolhelp32Snapshot
GetCurrentThreadId
Sleep
SetThreadPriority
GetCurrentThread
LoadLibraryA
LocalFree
LocalAlloc
GetModuleHandleA
GetStartupInfoA
FindClose
lstrcpynA
IsDBCSLeadByte
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
FindNextFileA
RemoveDirectoryA
GetCurrentDirectoryA
OutputDebugStringA
FormatMessageA
CreateEventA
ReleaseMutex
EnterCriticalSection
LeaveCriticalSection
GetVersionExA
InitializeCriticalSection
DeleteCriticalSection
HeapReAlloc
HeapAlloc
ExitProcess
GlobalAlloc
WideCharToMultiByte
GetThreadLocale
SetThreadLocale
CreateProcessA
WaitForMultipleObjects
SetEvent
TerminateProcess
WaitForSingleObject
OpenEventA
OpenFileMappingA

user32

GetKeyboardType
EnumWindows
GetWindowTextA
GetWindowThreadProcessId
wsprintfA
MessageBoxA
CharLowerA
CharLowerW

setupapi

SetupOpenLog
SetupLogErrorA
SetupCloseLog
SetupCloseInfFile
SetupOpenInfFileA

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 508KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

732b737a6448e5b4b50f8527d2b10b83

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

user32

setupapi

Sections

.text Size: 30KB - Virtual size: 29KB

.data Size: 1024B - Virtual size: 8KB

.rsrc Size: 1KB - Virtual size: 1KB

.vmp0 Size: 508KB - Virtual size: 1.6MB

.text
Size: 30KB - Virtual size: 29KB

.data
Size: 1024B - Virtual size: 8KB

.rsrc
Size: 1KB - Virtual size: 1KB

.vmp0
Size: 508KB - Virtual size: 1.6MB