fea87ac6cf0c10e4bddbdf66a397cfc038e89de94c69bf9aba6cedcb26ebc2dc

Sharing

Copy URL

Twitter E-mail

General

Target

fea87ac6cf0c10e4bddbdf66a397cfc038e89de94c69bf9aba6cedcb26ebc2dc
Size

216KB
MD5

62368ccd9067d3dfdfc0ae73b3dfd430
SHA1

18d79538b736d933a1c004c7a5d0a22a777e8e69
SHA256

fea87ac6cf0c10e4bddbdf66a397cfc038e89de94c69bf9aba6cedcb26ebc2dc
SHA512

dd09c303ef6009ad288b8f6e9d4cb30d3d1653d7eb613bd4c28fe1721943a133b6878f10d0c040794318f68c1128ecfb3cf919a3be6e8f067c9bb1a399510642
SSDEEP

6144:H9vxq00ZYbuzuutc35sLb/uOOYmL7NSeUKqBuzFn:dvxl0dzuIQ+juOOP7N5VbN

Score

N/A

Malware Config

Signatures

Files

fea87ac6cf0c10e4bddbdf66a397cfc038e89de94c69bf9aba6cedcb26ebc2dc
.exe windows x86

fddfbca3c89b057d87b120c4e670aca9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleOutputCP
GetEnvironmentStrings
MulDiv
MultiByteToWideChar
lstrcmpiA
GetProcAddress
SetLastError
CreateProcessA
UnhandledExceptionFilter
WideCharToMultiByte
GetCurrentThreadId
SetErrorMode
VirtualProtect
GetVersionExA
GetSystemInfo
GetStartupInfoA
GetVersion
RtlUnwind
LoadLibraryA
lstrcmpiW
GetUserDefaultLangID
GetFileType
DeleteFileW
GetEnvironmentStringsW
lstrlenA
LCMapStringW
GetFullPathNameA
GetModuleFileNameA

msvcrt

_except_handler3
_adjust_fdiv
_exit
_initterm
__set_app_type
__p___initenv
floor
_controlfp
__getmainargs
_XcptFilter
__setusermatherr
__p__fmode
__p__commode

user32

DestroyMenu
GetMenu
GetFocus
wsprintfA
SetWindowLongA
ClientToScreen
GetCursorPos
GetWindowThreadProcessId
PtInRect
GetSubMenu
TrackPopupMenu
LoadStringA
GetDC
MessageBoxA
TranslateMessage
GetForegroundWindow
RegisterWindowMessageA
SetWindowPos
SetTimer
GetWindow
SetFocus
GetParent
IsWindowEnabled
GetKeyState
LoadIconA
UnregisterClassA
CharNextA
SetCursor
FillRect
CallNextHookEx
CreatePopupMenu

advapi32

RegEnumKeyExW
RegEnumValueA
OpenServiceA
InitiateSystemShutdownA
RegQueryInfoKeyW
CryptGenRandom
RegOpenKeyW
GetLengthSid
FreeSid
IsValidSid
RevertToSelf
CheckTokenMembership
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner
LookupPrivilegeValueA
CryptHashData
RegCreateKeyA
RegQueryValueA
RegCreateKeyExA
RegOpenKeyA
OpenThreadToken
GetUserNameA
OpenServiceW
EqualSid
CryptCreateHash
QueryServiceStatus
OpenSCManagerA
CryptDestroyHash
LookupPrivilegeValueW
RegSetValueExW
CryptReleaseContext
AddAccessAllowedAce
ControlService
GetSecurityDescriptorDacl
RegQueryInfoKeyA
AllocateAndInitializeSid
OpenProcessToken
CryptAcquireContextA
GetTokenInformation
CloseServiceHandle

Sections

.text
Size: 1024B - Virtual size: 812B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fddfbca3c89b057d87b120c4e670aca9

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

Sections

.text Size: 1024B - Virtual size: 812B

.rdata Size: 154KB - Virtual size: 154KB

.data Size: 46KB - Virtual size: 55KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 1024B - Virtual size: 812B

.rdata
Size: 154KB - Virtual size: 154KB

.data
Size: 46KB - Virtual size: 55KB

.rsrc
Size: 12KB - Virtual size: 12KB