a90355db64fbfc44a5e68118e35b9e33aaed77967c9ff1a6c7edfafcf4a63d56

Sharing

Copy URL Twitter E-mail

General

Target

a90355db64fbfc44a5e68118e35b9e33aaed77967c9ff1a6c7edfafcf4a63d56
Size

97KB
MD5

7b92b4b82d0296c951ab022de006ca11
SHA1

6f1ee74c35189cc03cf162f91f35f6700ec7670b
SHA256

a90355db64fbfc44a5e68118e35b9e33aaed77967c9ff1a6c7edfafcf4a63d56
SHA512

5f707e4d72e29c3bc3bcf9bdd564e126a9373aeaa5c9194072ada9298cab90bdb2f117e606cc3ade20d16108c569b1c4274dfc5fcf3adf03786592ac7d7c28c8
SSDEEP

1536:pPCXR3JFAhl5ErRCFgNNeGJQ48Fph/CPTKg7xKPf4a:p6lAzuGSPJQ4DTb7wF

Score

N/A

Malware Config

Signatures

Files

a90355db64fbfc44a5e68118e35b9e33aaed77967c9ff1a6c7edfafcf4a63d56
.exe windows x86

c1d533ebefb2bfc5721aac00fcd9664a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

msvcrt

wcscmp
swprintf
memmove
wcstok
_wsplitpath
sprintf
strrchr
_c_exit
_exit
_XcptFilter
_cexit
wcstol
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
wcslen
_wcsicmp
exit
_wtoi64
wcscpy
wcschr
wcscat
wcsncpy

advapi32

RegEnumKeyExW
RegDeleteKeyW
RegSetValueExW
OpenProcessToken
GetTokenInformation
AdjustTokenPrivileges
RegOpenKeyExW
RegQueryValueExW
RegEnumValueW
RegCloseKey
RegCreateKeyExW
RegDeleteValueW

kernel32

GetTickCount
QueryPerformanceCounter
GetFileSize
ReadFile
CreateFileA
DosDateTimeToFileTime
LocalFileTimeToFileTime
TerminateProcess
SetFileAttributesA
_lcreat
_llseek
GetCurrentThreadId
_lwrite
_lread
_lopen
GetVersionExW
MoveFileExW
VerifyVersionInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA
GetStartupInfoA
_lclose
GetSystemTimeAsFileTime
MultiByteToWideChar
RemoveDirectoryW
GetSystemDirectoryW
CreateDirectoryW
SetFileTime
VerSetConditionMask
GetWindowsDirectoryW
GetProcAddress
lstrcpyW
GetLocaleInfoW
GetLastError
CreateMutexW
GetCurrentProcessId
GetPrivateProfileStringW
GetVolumeInformationW
GetModuleFileNameW
CloseHandle
FreeLibrary
LocalFree
GetPrivateProfileIntW
GetSystemDefaultUILanguage
SetFileAttributesW
GetFileAttributesW
DeleteFileW
WaitForSingleObject
CreateProcessW
lstrcatW
WriteFile
CreateFileW
SetFilePointer
FormatMessageW
lstrlenW
LocalAlloc
GetCurrentProcess
ExitProcess
DeviceIoControl
LoadLibraryW
GetModuleHandleW
GetSystemInfo
lstrcmpW
GetUserDefaultUILanguage
GetDiskFreeSpaceExW
OutputDebugStringW
GetSystemDefaultLangID
GlobalFree
GetCommandLineW
FindClose
FindNextFileW
FindFirstFileW
lstrcmpiW
CopyFileW
WideCharToMultiByte

user32

LoadCursorW
wsprintfW
MessageBoxW
LoadStringW
SetForegroundWindow
ShowWindow
IsIconic
IsWindow
FindWindowW
SendMessageW
GetDlgItem
EndDialog
GetSystemMetrics
GetClientRect
SetWindowTextW
CreateDialogParamW
ExitWindowsEx
PostMessageW
SetWindowLongW
GetSysColor
DestroyWindow
EnableWindow
CheckDlgButton
IsDlgButtonChecked
SetCursor
SetDlgItemTextA
IsWindowVisible
GetDesktopWindow
CharLowerW
WinHelpW
LoadIconW
SetFocus
DialogBoxParamW
MessageBoxA
LoadStringA
DispatchMessageW
TranslateMessage
PeekMessageW

comctl32

ord17

setupapi

SetupCloseInfFile
SetupFindFirstLineW
SetupOpenInfFileW
SetupFindNextLine
SetupGetStringFieldW
SetupGetIntField

shlwapi

StrCatW
StrStrIW
StrRChrIW
PathCombineW
PathAppendW
PathFileExistsW

shell32

ord680
CommandLineToArgvW
ShellExecuteExW

lz32

LZClose
LZCopy
LZOpenFileW
GetExpandedNameW

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TOT
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c1d533ebefb2bfc5721aac00fcd9664a

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

user32

comctl32

setupapi

shlwapi

shell32

lz32

Sections

.text Size: 42KB - Virtual size: 42KB

.data Size: 512B - Virtual size: 27KB

.rsrc Size: 45KB - Virtual size: 44KB

.TOT Size: 9KB - Virtual size: 9KB

.text
Size: 42KB - Virtual size: 42KB

.data
Size: 512B - Virtual size: 27KB

.rsrc
Size: 45KB - Virtual size: 44KB

.TOT
Size: 9KB - Virtual size: 9KB