d7906ce97c937fd4409a986c88304cfec2e4794fc8494ecf4c1bad2dbc94c5bb

Sharing

Copy URL Twitter E-mail

General

Target

d7906ce97c937fd4409a986c88304cfec2e4794fc8494ecf4c1bad2dbc94c5bb
Size

34KB
MD5

6ab19707bd622d86cd9cd632f4e78033
SHA1

b18455c86b59aa588ae9deb420bacb13823185d8
SHA256

d7906ce97c937fd4409a986c88304cfec2e4794fc8494ecf4c1bad2dbc94c5bb
SHA512

9b30d7f8e0f4380dc1f153ccb3bdda4c29e17c8f1ef0caa06d52c3755dc6c57261893d18236eaa285c97fc5ace080414041f6c1469db4e187a90aded44f2bae7
SSDEEP

768:jJj79DsJZPjs2R7xduJdTcK+4doD9wDKVN:NjRsJZjs2R44D9/N

Score

N/A

Malware Config

Signatures

Files

d7906ce97c937fd4409a986c88304cfec2e4794fc8494ecf4c1bad2dbc94c5bb
.exe windows x86

edb671fea074b55843e279b9e483f947

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
GetCurrentThreadId
lstrcatW
WriteProfileStringA
SetFilePointerEx
GetLocaleInfoA
GetModuleFileNameW
CreateEventW
VirtualQuery
GetShortPathNameA
VirtualAlloc
SearchPathW
GetSystemDirectoryA
GetNumberFormatA
DuplicateHandle
GetSystemTimeAsFileTime
ResumeThread
HeapCreate
GetSystemTime
SetEvent
GetCurrentProcess
CreateProcessW
FindResourceW
CreateFileMappingW
InterlockedExchange
WaitForSingleObject
GetSystemInfo
GetModuleHandleW
GetStringTypeExA
OpenEventA
LoadResource
GetFileType
GetThreadPriority
GetConsoleMode
GetTempPathA
HeapDestroy
GetProfileIntA
UnmapViewOfFile
GetShortPathNameW
SetErrorMode
ExpandEnvironmentStringsW
CreateTimerQueueTimer
GetLogicalDriveStringsA
CompareStringA
GetLocaleInfoW
CreateMutexW
lstrcmpA
CloseHandle
GetFileSize
ReleaseMutex
GetProcessTimes
LCMapStringA
QueryPerformanceCounter
SetHandleInformation
ReadFile
GetDateFormatW
MapViewOfFile
GetFileTime
OutputDebugStringA
SetEndOfFile
InterlockedCompareExchange
WideCharToMultiByte
LCMapStringA
MultiByteToWideChar
SetFileTime

advapi32

LookupPrivilegeValueA
RegEnumKeyExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyA
RegQueryInfoKeyA
OpenProcessToken
RegCloseKey
AdjustTokenPrivileges
RegDeleteKeyA

wintrust

HTTPSCertificateTrust
WintrustAddActionID
WintrustGetDefaultForUsage
WinVerifyTrust

user32

LoadStringW

comdlg32

CommDlgExtendedError
GetOpenFileNameA

ole32

CoInitialize
CoInitializeSecurity
CoTaskMemAlloc
StgOpenStorage
CreateOleAdviseHolder
CoInitializeEx
RevokeDragDrop
RegisterDragDrop
StgCreateDocfile
CreateStreamOnHGlobal
DoDragDrop
CoUninitialize
CoCreateInstance
ReleaseStgMedium

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

edb671fea074b55843e279b9e483f947

Headers

File Characteristics

Imports

kernel32

advapi32

wintrust

user32

comdlg32

ole32

Sections

.text Size: 15KB - Virtual size: 14KB

.data Size: 9KB - Virtual size: 35KB

.rsrc Size: 4KB - Virtual size: 4KB

.rdata Size: 46KB - Virtual size: 79KB

.text
Size: 15KB - Virtual size: 14KB

.data
Size: 9KB - Virtual size: 35KB

.rsrc
Size: 4KB - Virtual size: 4KB

.rdata
Size: 46KB - Virtual size: 79KB