27911353424d5059a3a5bcc41ee643bdc2bfc2d69945a8406b1812d5e986306b

Sharing

Copy URL Twitter E-mail

General

Target

27911353424d5059a3a5bcc41ee643bdc2bfc2d69945a8406b1812d5e986306b
Size

389KB
MD5

45150eb0e295cf1a2c5f92a913048740
SHA1

3dd791e507a98a76b76e19df43b53482ac1cd231
SHA256

27911353424d5059a3a5bcc41ee643bdc2bfc2d69945a8406b1812d5e986306b
SHA512

5f49cd3a1a00904aae97617440a3c9dd7144d8c1552883c11d93dbafd5d242070d11d20916e99f88abd9bea0677a4db0cab591380c7a320c2f8dbcecf91ef901
SSDEEP

6144:PM1xlVtLnfVUcS05QblROMezAYlHEV0uCm:EHlHn9S05QzhNY5cKm

Score

N/A

Malware Config

Signatures

Files

27911353424d5059a3a5bcc41ee643bdc2bfc2d69945a8406b1812d5e986306b
.exe windows x86

827228463707fc9e45228a5c6850aa05

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetModuleFileNameA
SetFilePointer
GetVersionExW
GetCurrentProcess
MultiByteToWideChar
GetCurrentProcessId
GetCurrentThread
WritePrivateProfileStringW
GetThreadSelectorEntry
VirtualQuery
CreateFileA
ReadFile
ReadProcessMemory
VirtualQueryEx
WriteFile
DeviceIoControl
GetFileSize
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateFileMappingW
OpenFileMappingW
UnmapViewOfFile
WaitForSingleObject
ReleaseMutex
MapViewOfFile
LocalFree
SetUnhandledExceptionFilter
ProcessIdToSessionId
MapViewOfFileEx
OpenMutexW
CreateMutexW
GetFullPathNameW
WideCharToMultiByte
GetCPInfo
IsDBCSLeadByte
GetPrivateProfileIntW
GetPrivateProfileStringW
GlobalAlloc
GlobalFree
GetDriveTypeW
Sleep
LockFile
GetSystemTimeAsFileTime
CreateDirectoryW
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
FreeLibrary
MoveFileExW
DeleteFileW
FindResourceExW
GetProcAddress
LoadResource
LoadLibraryW
LockResource
CreateFileW
GetModuleFileNameW
SizeofResource
GetFileAttributesW
SetFileAttributesW
CloseHandle
GetCommandLineW
FindResourceW
FindClose
FindNextFileW
CopyFileW
MoveFileW
GetTickCount
FindFirstFileW
GetTempFileNameW
GetLastError
GetTempPathW
GetDriveTypeA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
GetConsoleMode
GetConsoleCP
LoadLibraryA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCurrentDirectoryA
GetStdHandle
GetTimeZoneInformation
GetDateFormatA
GetTimeFormatA
IsValidCodePage
GetOEMCP
VirtualAlloc
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
GetVersionExA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
InterlockedIncrement
InterlockedDecrement
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
FileTimeToSystemTime
FileTimeToLocalFileTime
GetStartupInfoW
RtlUnwind
LCMapStringA
LCMapStringW
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
ExitProcess
HeapCreate
VirtualFree

user32

GetMonitorInfoW
MonitorFromPoint
GetCursorPos
UnregisterClassA

advapi32

SetSecurityInfo
LookupAccountSidW
IsTextUnicode
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetEntriesInAclW
BuildExplicitAccessWithNameW
GetSecurityInfo
GetTokenInformation
OpenProcessToken
ConvertSidToStringSidW
LookupAccountNameW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExW

shell32

SHGetFolderPathW
SHCreateDirectoryExW
SHGetSpecialFolderPathW

ole32

CoUninitialize
StringFromGUID2
CoCreateGuid
CoInitialize

shlwapi

PathFileExistsW

wtsapi32

WTSQuerySessionInformationW
WTSFreeMemory

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

ws2_32

WSACleanup
sendto
WSAStartup
socket
htons
closesocket
gethostbyname

netapi32

Netbios
NetApiBufferFree
NetWkstaTransportEnum

Sections

.text
Size: 244KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

827228463707fc9e45228a5c6850aa05

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

shlwapi

wtsapi32

version

ws2_32

netapi32

Sections

.text Size: 244KB - Virtual size: 240KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 8KB - Virtual size: 17KB

Shared Size: 4KB - Virtual size: 4B

.rsrc Size: 80KB - Virtual size: 80KB

.text
Size: 244KB - Virtual size: 240KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 8KB - Virtual size: 17KB

Shared
Size: 4KB - Virtual size: 4B

.rsrc
Size: 80KB - Virtual size: 80KB