5f0dfac841bb89908d138bc3eea8634738362ca8003524e2e4e81c9807ae4f41

Sharing

Copy URL

Twitter E-mail

General

Target

5f0dfac841bb89908d138bc3eea8634738362ca8003524e2e4e81c9807ae4f41
Size

104KB
MD5

6b3fc93e3db0663640ae3abe6766dcbe
SHA1

7dfd4c6735db9519a65d8bbb9120673eb0496035
SHA256

5f0dfac841bb89908d138bc3eea8634738362ca8003524e2e4e81c9807ae4f41
SHA512

d93d898e4369aa28f44c6fc9e80ac38d9d3979e3895c5d9a99cd9b263aff0e83de807f68e301a0973c4ac6e94530550b51c5d3025ba534fa6665b28a3506c762
SSDEEP

1536:j6CHOOMyRIKOrKTgoV5d3s6wUinu9u3okkBwKCe/LiwKCel:7HOOMyRI7kgoLd3H9xeokkBwI/LiwIl

Score

N/A

Malware Config

Signatures

Files

5f0dfac841bb89908d138bc3eea8634738362ca8003524e2e4e81c9807ae4f41
.exe windows x86

dc538ed0c3e66bab2deea04992b6f745

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
FindNextFileA
FindFirstFileA
GetLocalTime
GetModuleFileNameA
WinExec
TerminateProcess
OutputDebugStringA
GetPrivateProfileStringA
Sleep
CreateThread
QueryDosDeviceA
GetLogicalDriveStringsA
FindClose
DeleteFileA
GetCurrentProcessId
UnmapViewOfFile
GetFileSize
MapViewOfFile
CreateFileMappingA
CreateFileA
ExitProcess
ReleaseMutex
CreateMutexA
SetUnhandledExceptionFilter
TerminateThread
GetPrivateProfileIntA
WritePrivateProfileStringA
CreateProcessA
OpenProcess
WriteFile
SizeofResource
LoadResource
FindResourceA
lstrcatA
lstrcpyA
SetThreadPriority
GetCurrentThread
ReadFile
SetFilePointer
SetFileAttributesA
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
GlobalMemoryStatus
CreateProcessW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
IsBadCodePtr
IsBadReadPtr
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
GetLastError
GetCommandLineA
GetVersion
ReadProcessMemory
CloseHandle
GetProcAddress
LoadLibraryA
GetCurrentThreadId
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
RaiseException
GetStartupInfoA
GetModuleHandleA
GetSystemTime
GetTimeZoneInformation
HeapAlloc
HeapFree
RtlUnwind
MultiByteToWideChar
WideCharToMultiByte
LocalFree

user32

wsprintfA
SetThreadDesktop
GetThreadDesktop
CreateDesktopA
SendMessageA
FindWindowExA
IsWindow
wsprintfW
FindWindowA
MessageBoxA

advapi32

BuildExplicitAccessWithNameA
GetNamedSecurityInfoA
SetEntriesInAclA
SetNamedSecurityInfoA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHChangeNotify
SHGetSpecialFolderPathA

ole32

CoInitialize
OleRun
CoUninitialize
CoCreateInstance

oleaut32

VariantClear
GetErrorInfo
SysAllocString
SysFreeString
VariantCopy
VariantInit

shlwapi

SHDeleteValueA
PathFindFileNameA
PathRemoveExtensionA
PathRemoveFileSpecA
SHDeleteKeyA

netapi32

Netbios

wininet

InternetConnectA
InternetOpenA
HttpOpenRequestA
HttpSendRequestA

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc538ed0c3e66bab2deea04992b6f745

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

netapi32

wininet

Sections

.text Size: 64KB - Virtual size: 60KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 64KB - Virtual size: 60KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 16KB - Virtual size: 13KB