76691770258384dd07a11c8e3d1852a8a655d50bb0634726a35c80874add0e9b

Sharing

Copy URL Twitter E-mail

General

Target

76691770258384dd07a11c8e3d1852a8a655d50bb0634726a35c80874add0e9b
Size

257KB
MD5

6bb7ff5faaa01b14163eb3873756f7c0
SHA1

31d2fe9aa18e011f1c1992d89758243e5768d623
SHA256

76691770258384dd07a11c8e3d1852a8a655d50bb0634726a35c80874add0e9b
SHA512

4d246f798fc54e2940996695f3c85fa0e3da31ac0f8bb8e7aa24330ada1dd5180808820c9ebf0408b1fc6818b6849cdcb138d7d9c990901bd17576cebf1e5a95
SSDEEP

6144:KtIGO635Nht1MEUKy0ZrGSosRoOMp0ZdEQ6b1u33UaS5:nGl3dYu1XlR/61uHUt5

Score

N/A

Malware Config

Signatures

Files

76691770258384dd07a11c8e3d1852a8a655d50bb0634726a35c80874add0e9b
.exe windows x86

d8ab85665373bd3ad3df0c3cf9ed53d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExitCodeThread
SetEvent
LoadLibraryA
OpenMutexA
GetCurrentProcessId
CompareFileTime
GetComputerNameA
FileTimeToSystemTime
WaitForMultipleObjects
GetModuleFileNameA
GetModuleHandleA
GetLocalTime
GetCurrentThreadId
GetCurrentDirectoryA
FreeLibrary
Sleep
GetLastError
CreateEventA
CreateMutexA
WaitForSingleObject
GetVersionExA
SystemTimeToFileTime
ExitProcess
GetFileAttributesA
RaiseException
GetCurrentProcess
QueryPerformanceCounter
GetTickCount
HeapCreate
IsBadWritePtr
GetACP
GetOEMCP
GetCPInfo
TlsAlloc
MultiByteToWideChar
SetUnhandledExceptionFilter
GetStartupInfoA
GetEnvironmentStringsW
InitializeCriticalSection
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetSystemInfo
IsBadReadPtr
IsBadCodePtr
GetVersion
GetProcAddress

user32

wsprintfA
GetKeyboardLayout
PostMessageW
SetWindowPos
GetSystemMetrics
LoadCursorA
CheckMenuItem
GetCapture
RegisterClassExA
ShowCaret
InsertMenuItemW
EnableMenuItem
AppendMenuW
UnregisterClassA
GetMenuInfo
LoadImageA
CharLowerA
SetWindowTextW
LoadMenuA
SetDlgItemInt
InsertMenuA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetUserNameA
InitializeSecurityDescriptor
GetSidLengthRequired
InitializeAcl
InitializeSid
GetSidSubAuthority
AddAccessAllowedAce
SetSecurityDescriptorDacl
IsValidSecurityDescriptor

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocStringByteLen

cfgmgr32

CM_Free_Log_Conf
CM_Next_Range

gdi32

CreateEllipticRgn
SelectBrushLocal
CreateFontIndirectA
RemoveFontResourceA
CreatePen
AddFontResourceW
CreateScalableFontResourceA
UpdateICMRegKeyA
CreateBitmap
CreateICW

Sections

CODE
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

CODE
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rWYfm
Size: 104KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ATgjp
Size: 113KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8ab85665373bd3ad3df0c3cf9ed53d6

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

cfgmgr32

gdi32

Sections

CODE Size: 7KB - Virtual size: 6KB

CODE Size: 14KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 3KB

.rWYfm Size: 104KB - Virtual size: 108KB

.data Size: 6KB - Virtual size: 282KB

.ATgjp Size: 113KB - Virtual size: 129KB

.rsrc Size: 9KB - Virtual size: 8KB

CODE
Size: 7KB - Virtual size: 6KB

CODE
Size: 14KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 3KB

.rWYfm
Size: 104KB - Virtual size: 108KB

.data
Size: 6KB - Virtual size: 282KB

.ATgjp
Size: 113KB - Virtual size: 129KB

.rsrc
Size: 9KB - Virtual size: 8KB