b16899cb0c6a5ed56563693c7137074726edd5942822a6b286a97afdfee3dbc2

Sharing

Copy URL Twitter E-mail

General

Target

b16899cb0c6a5ed56563693c7137074726edd5942822a6b286a97afdfee3dbc2
Size

305KB
MD5

688ab40dadbc77b79e7a9db57b7198b0
SHA1

5e8e531cf2d4586b20bbb628f05e758b31ca369c
SHA256

b16899cb0c6a5ed56563693c7137074726edd5942822a6b286a97afdfee3dbc2
SHA512

b407dd6bdafaa6d7423542ef93d9c6a803858565c661656a07cd78c54f320311d382d71d4e9187a92e4d7dcabb2f5cad8c3600c80a06e0ff0b3259762b5c58c5
SSDEEP

6144:EeWbNTuNHor9zVDr3byiz1/LqlwLShhBJfHjcDAW:jWhTow9zVDr32iJmCSNJLcDt

Score

N/A

Malware Config

Signatures

Files

b16899cb0c6a5ed56563693c7137074726edd5942822a6b286a97afdfee3dbc2
.exe windows x86

49c3d88721f87b2eec4ad7849caa4653

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetEvent
DebugBreak
OutputDebugStringW
lstrlenA
GetCurrentProcessId
WaitForSingleObject
GetCurrentThreadId
CreateEventW
CreateThread
Sleep
GetCurrentProcess
GetCommandLineW
GetProcAddress
LoadLibraryW
GetVersionExW
Process32FirstW
LocalFree
LocalAlloc
OpenProcess
CreateToolhelp32Snapshot
GetModuleHandleW
Process32NextW
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
GetModuleFileNameW
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
lstrlenW
RaiseException
CompareStringW
GetConsoleMode
GetConsoleCP
SetFilePointer
WideCharToMultiByte
LoadLibraryA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
GetOEMCP
GetCPInfo
HeapSize
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapAlloc
HeapFree
RtlUnwind
HeapReAlloc
VirtualProtect
VirtualAlloc
GetModuleHandleA
GetSystemInfo
VirtualQuery
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
GetProcessHeap
GetStartupInfoW
VirtualFree
HeapDestroy
HeapCreate
ExitProcess
WriteFile
GetStdHandle
GetCommandLineA

user32

SendMessageW
CharNextW
KillTimer
SetTimer
CharUpperW
PostThreadMessageW
TranslateMessage
DispatchMessageW
GetMessageW
PostMessageW
UnregisterClassW
CreateWindowExW
RegisterWindowMessageW
RegisterClassW
DestroyWindow
UnregisterClassA
PostQuitMessage
DefWindowProcW

advapi32

GetTokenInformation
GetSidSubAuthority
GetSidSubAuthorityCount
OpenProcessToken
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoUninitialize
CoGetInterfaceAndReleaseStream
CoInitializeEx
CoMarshalInterThreadInterfaceInStream
CoRevokeClassObject
CoRegisterClassObject
CoInitialize
StringFromGUID2
CoCreateInstance

oleaut32

SysStringByteLen
SysAllocStringByteLen
VarBstrCmp
RegisterTypeLi
UnRegisterTypeLi
SysAllocString
VariantClear
VariantInit
LoadTypeLi
LoadRegTypeLi
VarUI4FromStr
SysStringLen
SysAllocStringLen
SysFreeString

Sections

.text
Size: 152KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.2rdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

49c3d88721f87b2eec4ad7849caa4653

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 152KB - Virtual size: 149KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 12KB - Virtual size: 19KB

.rsrc Size: 12KB - Virtual size: 9KB

.2rdata Size: 76KB - Virtual size: 76KB

.text
Size: 152KB - Virtual size: 149KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 12KB - Virtual size: 19KB

.rsrc
Size: 12KB - Virtual size: 9KB

.2rdata
Size: 76KB - Virtual size: 76KB