3d688873dea2cb7f06e8106ca8f04ee3f1d360baca50cfa2534b228c358662db

Sharing

Copy URL Twitter E-mail

General

Target

3d688873dea2cb7f06e8106ca8f04ee3f1d360baca50cfa2534b228c358662db
Size

145KB
MD5

693143b1baac17652b149103936f0c50
SHA1

c56d0d2ac27457177b71a429c45a31b479b30204
SHA256

3d688873dea2cb7f06e8106ca8f04ee3f1d360baca50cfa2534b228c358662db
SHA512

ae6e2cacc697c305e651ec4d5b1d0db3b0333477897b0da3233738dd874e42d6486bb7390d09ee17716b67b94831649ad8f506244031de52dc153d6f52c38ec5
SSDEEP

1536:RyVj1CW5je9LjmuRb1M8iUHNYojEPSA/cx6m5eMSFbuk785uTA85uTA85uTKx:RB0Gj1j+RPKx6w+FCk2uT3uT3uTKx

Score

N/A

Malware Config

Signatures

Files

3d688873dea2cb7f06e8106ca8f04ee3f1d360baca50cfa2534b228c358662db
.exe windows x86

29419bdb14a55cb8202692d3b5191b90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryW
GlobalMemoryStatusEx
ResetEvent
CreateThread
GetSystemDirectoryW
SetEvent
CloseHandle
ExpandEnvironmentStringsW
Sleep
FreeConsole
GetModuleHandleW
MultiByteToWideChar
lstrcmpiA
CreateFileW
GetLastError
GetCurrentProcess
GetTimeFormatW
GetDateFormatW
GetLocalTime
WaitForSingleObject
SetCurrentDirectoryW
GetModuleHandleA
GetStartupInfoW
CreateEventW
GetVersionExA
lstrcpynA
ExpandEnvironmentStringsA
HeapReAlloc
HeapAlloc
ExitProcess
CreateEventA
FormatMessageW
ReadFile
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
lstrcmpiW
lstrcpyW
CopyFileW
lstrcpynW
lstrlenW
CreateProcessW
DeleteFileW
GetSystemTimeAsFileTime
SetFilePointer
HeapFree
SetLastError
lstrcmpW
GetProcessHeap
GlobalAlloc
VirtualAlloc

user32

GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
SendMessageW
DdeAddData
DdeCreateDataHandle
CloseClipboard
GetClipboardData
OpenClipboard
DdePostAdvise
DdeClientTransaction
InvalidateRect
ReleaseDC
GetDC
FlashWindow
SetTimer
PostMessageW
DdeCreateStringHandleW
DdeFreeStringHandle
SetWindowTextW
wsprintfW
DdeQueryStringW
CheckDlgButton
SendDlgItemMessageW
GetSysColor
LoadStringW
GetSystemMetrics
LoadIconW
LoadCursorA
LoadIconA

msvcrt

wcsncpy

advapi32

OpenSCManagerW
QueryServiceConfigW
QueryServiceStatus
LsaClose
LsaOpenPolicy
RegQueryValueExA
RegOpenKeyExA
RegQueryValueExW

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29419bdb14a55cb8202692d3b5191b90

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

Sections

.text Size: 98KB - Virtual size: 97KB

.data Size: 3KB - Virtual size: 3KB

.data3 Size: 11KB - Virtual size: 11KB

.rsrc Size: 31KB - Virtual size: 31KB

.text
Size: 98KB - Virtual size: 97KB

.data
Size: 3KB - Virtual size: 3KB

.data3
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 31KB - Virtual size: 31KB