2f104ab5e27d4c002f6b71f561002d8c1f32faed563c88780e1c9547071024d2

Sharing

Copy URL Twitter E-mail

General

Target

2f104ab5e27d4c002f6b71f561002d8c1f32faed563c88780e1c9547071024d2
Size

335KB
MD5

58cc349d5e12b2452472f1bff2ad7acb
SHA1

0a9b5b7408ed6ba2006db8ec4c95d57a7f0c0eba
SHA256

2f104ab5e27d4c002f6b71f561002d8c1f32faed563c88780e1c9547071024d2
SHA512

0cd70ecd6139fce32bc8df0e663b56cae61844d82cea61d13f04f89e05cdc95cbb6b0be8ec9dd96bbd2194ca7cc47013704957b4ea0fe18a8e9f363455dda728
SSDEEP

6144:E2PoNSrFRomL32Nd0wYQE+C3PQ81pbyXpzITmY01wxYGQNHY:E2QNSrFRB32NRE/9XbyZzwP84

Score

N/A

Malware Config

Signatures

Files

2f104ab5e27d4c002f6b71f561002d8c1f32faed563c88780e1c9547071024d2
.exe windows x86

e59e36a65cbcf6a7792c187169404661

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

InterlockedIncrement
InterlockedDecrement
FormatMessageA
Sleep
GetFileAttributesA
CreateDirectoryA
GetLastError
CopyFileA
SetFileAttributesA
GetTempFileNameA
LocalAlloc
MoveFileA
GetModuleFileNameA
GetModuleHandleA
lstrlenA
LocalFree
DeleteFileA
CreateMutexA
CloseHandle
GetUserDefaultLCID
FreeLibrary
OpenProcess
CreateProcessA
TerminateProcess
GetProcAddress
LoadLibraryA
GetTickCount
QueryPerformanceCounter
GetCurrentProcessId
CompareStringW
GetEnvironmentStringsW
SetEnvironmentVariableA
GetProcessHeap
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetCurrentDirectoryA
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
RaiseException
GetDriveTypeA
VirtualAlloc
VirtualFree
HeapCreate
IsValidCodePage
FlushFileBuffers
GetConsoleMode
InterlockedExchange
OutputDebugStringA
GetFileType
GetFileSize
ReadFile
WriteFile
GetSystemInfo
SetFilePointer
SetEndOfFile
CreateFileA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetStringTypeW
LCMapStringW
GetCPInfo
MultiByteToWideChar
WideCharToMultiByte
CompareStringA
GetOEMCP
GetLocaleInfoA
LCMapStringA
GetStringTypeA
GetSystemTimeAsFileTime
GetModuleHandleW
ExitProcess
HeapFree
HeapAlloc
GetFullPathNameA
GetCommandLineA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlUnwind
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetCurrentProcess
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapSize
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetACP
GetConsoleCP

user32

LoadStringA

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHFileOperationA
SHGetSpecialFolderPathA

ole32

CoInitialize
CoCreateInstance
CoUninitialize
CLSIDFromProgID
OleRun
CLSIDFromString

oleaut32

LoadRegTypeLi
SysStringByteLen
SafeArrayCreateEx
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SysAllocStringByteLen
GetRecordInfoFromTypeInfo
SysFreeString
GetErrorInfo
VariantClear
SysAllocString

shlwapi

PathCombineA

Sections

.text
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

STLPORT_
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e59e36a65cbcf6a7792c187169404661

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 240KB - Virtual size: 239KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 10KB - Virtual size: 24KB

STLPORT_ Size: 512B - Virtual size: 32B

.rsrc Size: 47KB - Virtual size: 48KB

.text
Size: 240KB - Virtual size: 239KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 10KB - Virtual size: 24KB

STLPORT_
Size: 512B - Virtual size: 32B

.rsrc
Size: 47KB - Virtual size: 48KB