9a72bf7d325f2ebee5f55222f92d026e4c88a72a089731493532f975f0a3d2fe

Sharing

Copy URL

Twitter E-mail

General

Target

9a72bf7d325f2ebee5f55222f92d026e4c88a72a089731493532f975f0a3d2fe
Size

172KB
MD5

5d8c5f6e014314c522093b11f56aa0a8
SHA1

081aa88468984ca84470a919a3662634d0b17698
SHA256

9a72bf7d325f2ebee5f55222f92d026e4c88a72a089731493532f975f0a3d2fe
SHA512

f56b1ce490a360eae32e653e87c562376c14c6c0f37a1752a3822457411e72d594be2c06e2bc6b1adb146df056a3c3dc580139fd1aff6935a7f6d5dec5a45c24
SSDEEP

3072:LdwusDXUfvbhNCool9t7tG2TXJz9mTs4Y8Mgs5uoVQasYmg:L4DMbMvtAHs4tY/QfYm

Score

N/A

Malware Config

Signatures

Files

9a72bf7d325f2ebee5f55222f92d026e4c88a72a089731493532f975f0a3d2fe
.exe windows x86

8cb73f23fc4ffce04345bba981c347fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleFileNameExW

kernel32

OutputDebugStringW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
Sleep
GetProcAddress
LoadLibraryW
GetLongPathNameW
GetCurrentThreadId
GetCommandLineW
EnterCriticalSection
LeaveCriticalSection
VirtualFreeEx
CreateRemoteThread
WriteProcessMemory
DebugBreak
GetShortPathNameW
OpenProcess
CreateFileW
DeviceIoControl
GetVersionExW
GlobalFree
GlobalAlloc
GetCurrentProcess
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
lstrlenA
InterlockedIncrement
GetModuleFileNameW
CreateEventW
CreateThread
SetEvent
lstrcmpiW
InterlockedDecrement
GetLastError
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
WaitForSingleObject
CloseHandle
VirtualAllocEx
GetConsoleCP
SetFilePointer
LoadLibraryA
SetStdHandle
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
GetVersionExA
HeapAlloc
HeapFree
RtlUnwind
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcessHeap
GetStartupInfoW
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError

user32

GetMessageW
TranslateMessage
DispatchMessageW
LoadStringW
CharNextW
PostThreadMessageW
UnregisterClassA
CharLowerBuffW

advapi32

RegCreateKeyW
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

shell32

ShellExecuteExW
SHGetFolderPathW

ole32

CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemRealloc
CoTaskMemAlloc
StringFromGUID2

oleaut32

SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
SysStringLen
SysFreeString
VarUI4FromStr

shlwapi

PathFileExistsW
StrCmpNIW
SHGetValueW

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8cb73f23fc4ffce04345bba981c347fe

Headers

File Characteristics

Imports

psapi

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 72KB - Virtual size: 72KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 72KB - Virtual size: 72KB