69469fe38bd7b88de063134744b77b2508c6ebe17899c72f0a5845542fa02d78

Sharing

Copy URL

Twitter E-mail

General

Target

69469fe38bd7b88de063134744b77b2508c6ebe17899c72f0a5845542fa02d78
Size

132KB
MD5

069e9b893526d74052acf74c8603c0f8
SHA1

c62953b15be7b47a360456c9a1c55df4aefe57f4
SHA256

69469fe38bd7b88de063134744b77b2508c6ebe17899c72f0a5845542fa02d78
SHA512

a586fcfd83f93d92ed9cf66fbeb70b3b5a493214f877005b1cf43fcf43167624a80c0051b7c4599ed517832ae2bf47b091ce171c82b9977908b9c2651bd6337e
SSDEEP

3072:i934Pq93Po5/1skqHdryGaSW060V4I0GnHaMy:Gwq9+NsndryGlW06e4QHly

Score

N/A

Malware Config

Signatures

Files

69469fe38bd7b88de063134744b77b2508c6ebe17899c72f0a5845542fa02d78
.exe windows x86

babb6a1e2f18127c7ed0714a13f9460f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
RemoveDirectoryA
FindClose
FindNextFileA
FindFirstFileA
MultiByteToWideChar
SetLastError
GetTempPathA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
InterlockedDecrement
InterlockedIncrement
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsGetValue
HeapDestroy
SetFileAttributesA
VirtualFree
RtlUnwind
WriteFile
LCMapStringA
LCMapStringW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetFilePointer
GetVersionExA
GetStringTypeA
GetStringTypeW
SetStdHandle
ReadFile
FlushFileBuffers
CopyFileA
DeleteFileA
GetFileAttributesA
GetWindowsDirectoryA
GetModuleFileNameA
CreateMutexA
GetLastError
HeapCreate
CloseHandle

user32

SetWindowTextA
SetDlgItemTextA
EndDialog
MessageBoxA
DialogBoxParamA

advapi32

RegCloseKey
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc

setupapi

SetupFindFirstLineA
SetupGetStringFieldA
SetupCloseInfFile
SetupCopyOEMInfA
SetupIterateCabinetA
SetupFindNextLine
SetupOpenInfFileA

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

babb6a1e2f18127c7ed0714a13f9460f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

setupapi

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 72KB - Virtual size: 72KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 72KB - Virtual size: 72KB