730d98c4b0b230f94fcde249a9316604fff10d024c339c532281ce70d216b7ee

Sharing

Copy URL Twitter E-mail

General

Target

730d98c4b0b230f94fcde249a9316604fff10d024c339c532281ce70d216b7ee
Size

354KB
MD5

6b72198fe0f7b1cbf3b852a5c0dea351
SHA1

6e6be9ec5ce34d232312d9d930be7cb811a0df55
SHA256

730d98c4b0b230f94fcde249a9316604fff10d024c339c532281ce70d216b7ee
SHA512

49482192a1018c788c897d31ac64377bea9b44396cafeb47cc76bb83855a1a3a3e9a4a78ab91452a9f1a78c94de45ce46b8d86ef1f6f5aae4b0f2f4034d2af24
SSDEEP

6144:I/aVyLRUEj0JUjPt44tAWlUiYJ9vzhNFgGv6NY5jgtxDdBl/x:O8NdWlUTXFoNYZGl/x

Score

N/A

Malware Config

Signatures

Files

730d98c4b0b230f94fcde249a9316604fff10d024c339c532281ce70d216b7ee
.exe windows x86

2f0c742bdab9e76101e9809e36e2e269

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
FlushConsoleInputBuffer
GetLocaleInfoA
GetACP
WriteProcessMemory
GlobalAlloc
UnhandledExceptionFilter
GetCommProperties
HeapReAlloc
OpenSemaphoreA
GetLogicalDrives
GetCommModemStatus
FindNextFileW
AllocConsole
EnumResourceLanguagesW
WriteConsoleW
FlushInstructionCache
WriteConsoleA
GetConsoleMode
GetVolumeInformationA
FreeEnvironmentStringsA
SetSystemTime
FindCloseChangeNotification
GlobalSize
TerminateThread
PostQueuedCompletionStatus
CreateFileMappingA
BeginUpdateResourceA
InitializeCriticalSection
EnumSystemLocalesA
WriteConsoleOutputCharacterA
InterlockedExchangeAdd
GetDiskFreeSpaceW
GetTempFileNameA
FindFirstChangeNotificationW
GetCommTimeouts
DefineDosDeviceA
IsBadStringPtrW
GlobalLock
GetTickCount
FindFirstFileW
TlsAlloc
SetConsoleCursorPosition
InterlockedDecrement
LoadLibraryExW
GlobalGetAtomNameW
ScrollConsoleScreenBufferA

ole32

CoGetCallContext
OleTranslateAccelerator
CoMarshalInterface
CreateILockBytesOnHGlobal

user32

wsprintfA
InsertMenuItemA
InternalGetWindowText
DestroyIcon
CountClipboardFormats
RegisterDeviceNotificationA
CopyAcceleratorTableW
SetWinEventHook
ToUnicode
SetCursorPos
LoadCursorA
GetActiveWindow
FillRect
BeginPaint
CharPrevA
OpenWindowStationW

advapi32

GetLengthSid
GetSidIdentifierAuthority
RegQueryValueExA
SetEntriesInAclW
AbortSystemShutdownA
SetTokenInformation
AddAce
CryptCreateHash
RegOpenKeyExW
RegOpenKeyW
NotifyBootConfigStatus
CryptGetProvParam
RegQueryValueA
GetUserNameW
AdjustTokenPrivileges
ImpersonateSelf
ImpersonateNamedPipeClient
GetSidLengthRequired

shell32

SHGetDesktopFolder
SHGetPathFromIDListA
CommandLineToArgvW
SHBrowseForFolderA

Sections

.text
Size: 40KB - Virtual size: 357KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 286KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f0c742bdab9e76101e9809e36e2e269

Headers

File Characteristics

Imports

kernel32

ole32

user32

advapi32

shell32

Sections

.text Size: 40KB - Virtual size: 357KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 286KB - Virtual size: 286KB

.rsrc Size: 22KB - Virtual size: 21KB

.text
Size: 40KB - Virtual size: 357KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 286KB - Virtual size: 286KB

.rsrc
Size: 22KB - Virtual size: 21KB