e0445893223d4a10605633be51a1c2c9b48234c277c893c959204e05e929f220

Sharing

Copy URL Twitter E-mail

General

Target

e0445893223d4a10605633be51a1c2c9b48234c277c893c959204e05e929f220
Size

568KB
MD5

1d80d2ad247e6c2c12df3567851299ca
SHA1

43c7e36293462db97735a33f3ad7076cc95b081c
SHA256

e0445893223d4a10605633be51a1c2c9b48234c277c893c959204e05e929f220
SHA512

9d71415f98adfada5abf05dc5efc757f5526270a584b1cde39e14886615ccf0938ed7f239a9853f1581a0ec68f49213d86451088843a6c0a35e055d4463a2018
SSDEEP

12288:uFTCcfkbVaAoTalMoZDJCugVb8p8++vAL:uFTCcfkbkulMoZlCuNp8+

Score

N/A

Malware Config

Signatures

Files

e0445893223d4a10605633be51a1c2c9b48234c277c893c959204e05e929f220
.exe windows x86

d368530135383153410fac66b730a0af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetSecurityDescriptorControl
RegCreateKeyExW
RegOpenKeyExA
RegDeleteKeyA
RegFlushKey
GetTokenInformation
RegDeleteKeyW
RegQueryValueExA
RegSetValueExW
LookupAccountSidW
RegDeleteValueW
RegCreateKeyW
FreeSid
RegCloseKey
AllocateAndInitializeSid
LookupPrivilegeValueA
EqualSid
RegEnumKeyExW
UnlockServiceDatabase
RegEnumValueW
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
ChangeServiceConfigA
RegSetValueExA
RegQueryValueW
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyW
InitializeSecurityDescriptor
RegCreateKeyExA

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW

comctl32

ord6
ImageList_ReplaceIcon
CreatePropertySheetPageA
ImageList_Create
ImageList_Destroy
DestroyPropertySheetPage
ImageList_AddMasked
ImageList_Draw
InitCommonControlsEx
PropertySheetW
ord17
CreatePropertySheetPageW

kernel32

GetOEMCP
GetProcAddress
SetFilePointer
FlushFileBuffers
GetCPInfo
FreeLibrary
IsBadStringPtrW
SuspendThread
LoadLibraryA
GetSystemTime
GlobalAlloc
ReadFile
GetThreadLocale
Sleep
SetThreadPriority
GetVersionExA
HeapSize
SetLastError
GetTimeFormatA
IsBadWritePtr
CreateDirectoryW
GetModuleHandleA
VirtualQuery
CreateMutexA
IsValidLocale
HeapDestroy
GlobalUnlock
LeaveCriticalSection
GetCurrentThread
WaitForSingleObject
ResetEvent
DeleteCriticalSection
GetShortPathNameA
lstrcpyA
GetFileType
InterlockedIncrement
ReleaseMutex
HeapReAlloc
lstrcpynW
LoadLibraryExW
GetTempFileNameW
WriteConsoleW
LocalFree
FindResourceA
GetConsoleCP
lstrcmpW
GlobalLock
LCMapStringA
VirtualAlloc
SetCurrentDirectoryW
GetFileSize
GetACP
FindResourceExW
GetLocalTime
lstrcmpiW
lstrcatA
CreateProcessW
GlobalHandle
lstrlenA
GetStringTypeW
GetFileTime
LoadResource
WriteFile
MapViewOfFile
CreateFileMappingA
FormatMessageA
GetCurrentProcessId
GetStartupInfoW
CompareStringA
GetThreadTimes
lstrcpynA
GetTempPathW
LoadLibraryW
GetTempFileNameA
CreateFileMappingW
GetVersionExW
EnumSystemLocalesA
IsValidCodePage
GetProcessHeap
CreateFileW
CreateProcessA
GetCurrentThreadId
SearchPathA
GetSystemInfo
LCMapStringW
GetTempPathA
GetModuleFileNameW
SystemTimeToFileTime
GlobalReAlloc
GetStdHandle
CreateFileA
GetStartupInfoA
InterlockedDecrement
SetEvent
lstrcmpA
LockResource
SetStdHandle
HeapAlloc
SizeofResource
InterlockedCompareExchange
GetStringTypeA
HeapFree
GetLastError
WideCharToMultiByte
SetEndOfFile
ExitProcess
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
HeapCreate
VirtualFree
RtlUnwind
MultiByteToWideChar
CloseHandle

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 480KB - Virtual size: 481KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d368530135383153410fac66b730a0af

Headers

File Characteristics

Imports

advapi32

version

comctl32

kernel32

Sections

.text Size: 76KB - Virtual size: 74KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 480KB - Virtual size: 481KB

.text
Size: 76KB - Virtual size: 74KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 480KB - Virtual size: 481KB