a022976f0aaf67f72b95b79041eff0d3ebfe2b6efd40e32d980900b464c41114

Sharing

Copy URL

Twitter E-mail

General

Target

a022976f0aaf67f72b95b79041eff0d3ebfe2b6efd40e32d980900b464c41114
Size

141KB
MD5

5a829402a7f72cddcc71a929873532b9
SHA1

65a48d5a5fe3da249369008ef24d5009ab6fb901
SHA256

a022976f0aaf67f72b95b79041eff0d3ebfe2b6efd40e32d980900b464c41114
SHA512

0e46dc09d0b93428bab4e654c8b9a638533202e7b651395cc2ea6e2b3401f1ae8ba52c204ee0ca53e5a8108a8dcabcd2515d1882d3d8e4decd3193a38b77e1a1
SSDEEP

1536:+/kp4olmoLpwpv1uV/rrxUtMDHzxkVGXDfiGCzCiyL9tjk2/VIIuTlJtaXtnjTcA:+/kpgMWpc/nxZ0wIIuhJgXtnEyf

Score

N/A

Malware Config

Signatures

Files

a022976f0aaf67f72b95b79041eff0d3ebfe2b6efd40e32d980900b464c41114
.exe windows x86

9cff5b843a5791f56f6af8bb4121b867

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
lstrcmpiA
IsDBCSLeadByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
MoveFileW
CreateFileW
DeleteFileW
GetTempFileNameW
GetTempPathW
GetCurrentThreadId
GetCommandLineA
lstrlenW
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
FlushFileBuffers
SetStdHandle
GetCurrentThread
lstrlenA
InterlockedDecrement
RaiseException
MultiByteToWideChar
GetLocalTime
OutputDebugStringA
CreateThread
DeleteCriticalSection
GenerateConsoleCtrlEvent
WriteFile
ReadFile
GetExitCodeProcess
ReleaseSemaphore
GetModuleFileNameA
CreateSemaphoreA
CreatePipe
GetCurrentProcess
DuplicateHandle
SetErrorMode
CreateProcessA
GetLastError
FormatMessageA
SetLastError
WaitForSingleObject
LeaveCriticalSection
TerminateThread
UnmapViewOfFile
OpenFileMappingA
MapViewOfFile
CloseHandle
Sleep
WideCharToMultiByte
InitializeCriticalSection
EnterCriticalSection
InterlockedExchange
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
LoadLibraryA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapReAlloc
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetProcAddress
GetSystemInfo
VirtualQuery
GetProcessHeap
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapDestroy
HeapCreate
VirtualFree
HeapSize
ExitProcess
GetStdHandle
GetCPInfo
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings

user32

UnregisterClassA
CharNextA
LoadStringA
PostThreadMessageA
MessageBoxA
DispatchMessageA
PeekMessageA
MsgWaitForMultipleObjects
GetMessageA

advapi32

ReportEventA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
RegEnumKeyExA
RegQueryInfoKeyA
RegCreateKeyExA
OpenThreadToken
OpenProcessToken
SetServiceStatus
RegisterEventSourceA
DeregisterEventSource
ControlService
DeleteService
CreateServiceA
StartServiceA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
GetTokenInformation
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
GetLengthSid
CopySid
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
IsValidSid

ole32

CoInitializeSecurity
CoRegisterClassObject
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
StringFromGUID2
CoUninitialize
CoInitialize
CoRevokeClassObject
CoTaskMemRealloc

oleaut32

VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SysFreeString

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9cff5b843a5791f56f6af8bb4121b867

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 96KB - Virtual size: 93KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 96KB - Virtual size: 93KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 8KB - Virtual size: 5KB