cffbd7a331e52923cbdb095a14155fa206531d563efb54ff67316d88623b62ee

Sharing

Copy URL Twitter E-mail

General

Target

cffbd7a331e52923cbdb095a14155fa206531d563efb54ff67316d88623b62ee
Size

126KB
MD5

6926913552640f8d1966d137801bf9d0
SHA1

625de6ecc0e161907bba407b1cc4d2dce12b01dd
SHA256

cffbd7a331e52923cbdb095a14155fa206531d563efb54ff67316d88623b62ee
SHA512

5bf22f276ce3a9529c48ea61c617a29a68721dd5396679d2b29496f6cf27b98f33dd2b48057a6677cfd6db4d1ed65011d66576398299ccebc857baee77341d0d
SSDEEP

3072:dQbRyqCflCuAvvm/iMiiskUlJw3oVplcvQgmbwEstVSsS:d7YvvwWJRnbdstVS

Score

N/A

Malware Config

Signatures

Files

cffbd7a331e52923cbdb095a14155fa206531d563efb54ff67316d88623b62ee
.exe windows x86

6e892ba9a1dc1949f4bacdab096eb39c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetDiskFreeSpaceA
GetDriveTypeA
GetExitCodeProcess
GetFileTime
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetNamedPipeInfo
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetProcessShutdownParameters
GetShortPathNameA
GetStartupInfoA
GetSystemDirectoryA
GetSystemInfo
GetTempFileNameA
GetTempPathA
GetVersion
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
Heap32ListFirst
IsProcessorFeaturePresent
LoadLibraryA
LoadLibraryExA
LoadResource
FreeResource
LocalFileTimeToFileTime
LocalFree
LocalHandle
LockResource
MulDiv
ReadConsoleOutputAttribute
RemoveDirectoryA
ResetEvent
RtlUnwind
SetCurrentDirectoryA
SetEvent
SetFileApisToANSI
SetFilePointer
SetFileTime
SetProcessPriorityBoost
SetThreadPriority
SizeofResource
TerminateJobObject
TerminateThread
Toolhelp32ReadProcessMemory
VirtualAlloc
VirtualFree
VirtualProtectEx
WaitForSingleObject
WriteFile
WritePrivateProfileStringA
_lclose
_llseek
_lopen
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
FormatMessageA
FreeLibrary
FindResourceA
FindNextFileA
FindFirstFileA
FindClose
ExpandEnvironmentStringsA
ExitProcess
DeleteTimerQueueEx
DeleteFileA
CreateThread
CreateProcessA
CreateEventA
CreateDirectoryA
CloseHandle
LocalAlloc
AllocConsole

gdi32

GetDeviceCaps

advapi32

RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
GetTokenInformation
FreeSid
EqualSid
AllocateAndInitializeSid
AdjustTokenPrivileges
RegSetValueExA

user32

CallWindowProcA
CharNextA
CharPrevA
CharUpperA
DialogBoxIndirectParamA
DispatchMessageA
EnableWindow
EndDialog
ExitWindowsEx
GetDC
GetDesktopWindow
GetDlgItem
GetDlgItemTextA
GetWindowLongA
GetWindowRect
LoadStringA
MessageBeep
MessageBoxA
MsgWaitForMultipleObjects
PeekMessageA
ReleaseDC
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetForegroundWindow
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
wsprintfA

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e892ba9a1dc1949f4bacdab096eb39c

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

user32

Sections

.text Size: 98KB - Virtual size: 98KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 20KB - Virtual size: 20KB

.rsrc Size: 512B - Virtual size: 472B

.text
Size: 98KB - Virtual size: 98KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 512B - Virtual size: 472B