77d1751c7ec9d3f73f18a1e95e9225312fffae3a18de40b5f08618e4ab1b6e16

General

Target

77d1751c7ec9d3f73f18a1e95e9225312fffae3a18de40b5f08618e4ab1b6e16
Size

255KB
MD5

6115295ab92c0386b1c914e7fac05a10
SHA1

682413612337b187e9d399151ec1397e25b39f5f
SHA256

77d1751c7ec9d3f73f18a1e95e9225312fffae3a18de40b5f08618e4ab1b6e16
SHA512

ef94fd045d9da1a13f9c591896193ab1631f6abdfced129e50e9bbc23478714e7681b1390c382506ef42f1f4ccc300ce717fe0fb036cc8cf7ea6178a6b8c266f
SSDEEP

6144:XPN7fxKLW1Rqi5s6kj7DVl0ETVyj3bXlHexC48ShIGd:XBLrqiQ30Ehqr1+xC4N

Score

N/A

Malware Config

Signatures

Files

77d1751c7ec9d3f73f18a1e95e9225312fffae3a18de40b5f08618e4ab1b6e16
.exe windows x86

f87cddb47f1c25ca359b99a0abbe562e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ReportEventA
RegSetValueExA
InitializeAcl
RegCloseKey
RegCreateKeyExA
RegisterEventSourceA
FreeSid
SetSecurityDescriptorDacl
RegQueryValueExA
AllocateAndInitializeSid
RegOpenKeyExA
RegDeleteValueA
GetLengthSid
RegDeleteKeyA
DeregisterEventSource

kernel32

GlobalAlloc
GetUserDefaultLangID
SetEndOfFile
FindClose
lstrcmpA
lstrcpyn
GetCPInfo
OpenMutexA
GetEnvironmentStringsW
InterlockedIncrement
GetLastError
CreateDirectoryA
lstrlenA
LeaveCriticalSection
WaitForMultipleObjects
lstrlen
CreateFileA
GetSystemDefaultLangID
GetOEMCP
ReadFile
GetCurrentProcessId
lstrlenW
WaitForSingleObjectEx
lstrcpyA
DeleteCriticalSection
GetEnvironmentStringsA
GetUserDefaultLCID
ResetEvent
lstrcpynW
ReleaseMutex
WaitForSingleObject
WriteFile
SetEvent
FindFirstFileA
LoadLibraryW
EnterCriticalSection
FindNextFileA
lstrcpynA
FreeLibrary
CompareStringW
GetSystemInfo
UnmapViewOfFile
CreateThread
GetProcAddress
GetModuleFileNameA
GlobalFree
VirtualFree
WriteFileEx
SetThreadPriority
GlobalFindAtomW
QueryPerformanceCounter
OpenSemaphoreA
CloseHandle
ReleaseSemaphore
MapViewOfFile
GetFileSize
SetFilePointer
GetTickCount
OpenFileMappingA
GetExitCodeThread
OpenEventA
CreateSemaphoreA
GetFileAttributesA
GetDiskFreeSpaceA
LCMapStringW
RemoveDirectoryA
OutputDebugStringA
InterlockedDecrement
ReadFileEx

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 238KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f87cddb47f1c25ca359b99a0abbe562e

Headers

File Characteristics

Imports

advapi32

kernel32

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 2KB

.rsrc Size: 238KB - Virtual size: 237KB

.reloc Size: 512B - Virtual size: 276B

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 238KB - Virtual size: 237KB

.reloc
Size: 512B - Virtual size: 276B