5887dd053a3d6f11dde022ac3653b24aa4b725ae0924de0226b0da006cf6f622

Sharing

Copy URL Twitter E-mail

General

Target

5887dd053a3d6f11dde022ac3653b24aa4b725ae0924de0226b0da006cf6f622
Size

91KB
MD5

1482c971d799cc45f29786baee028b80
SHA1

df70bed69c7487091a7e03dcb16d025b5ee73f2a
SHA256

5887dd053a3d6f11dde022ac3653b24aa4b725ae0924de0226b0da006cf6f622
SHA512

613f3c5949a9221cde35ca9f85bd7253d974181de0c29c324514344461647c0ae1075c8f62a6dea1c02cfb2e4f8b2c2c64057dcd7f60f48f048eb41ff72c69e1
SSDEEP

1536:gb3SZv6gIADAlAfFK7FclN3gwBDwazbwhmQVD5sawIHFmpdd6PUmo:gbkyAsB78WwKeAmyDKZpd

Score

N/A

Malware Config

Signatures

Files

5887dd053a3d6f11dde022ac3653b24aa4b725ae0924de0226b0da006cf6f622
.exe windows x86

44d9e58ef4a24079aa58a98e7c2b19d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
TraceMessage
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
RegisterTraceGuidsW
UnregisterTraceGuids
RegGetValueW

kernel32

MultiByteToWideChar
HeapFree
GetProcessHeap
WaitForSingleObject
CreateThread
CreateEventW
Sleep
RaiseException
GetCommandLineW
SetEvent
GetCurrentThreadId
CompareStringW
ExpandEnvironmentStringsW
CloseHandle
CreateProcessW
GetCurrentProcessId
GetModuleHandleExA
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetModuleFileNameW
FindResourceExW
LoadResource
HeapAlloc
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeSRWLock
LoadLibraryW
lstrcmpiW
GetModuleHandleW
LoadLibraryExW
GetProcAddress
GetLastError
FreeLibrary
SizeofResource
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetModuleHandleA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount
OutputDebugStringA

user32

CharNextW
PostThreadMessageW
CharUpperW
GetMessageW
TranslateMessage
DispatchMessageW
AllowSetForegroundWindow
UnregisterClassA

msvcrt

_exit
_cexit
__p__fmode
__setusermatherr
_initterm
_wcmdln
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_errno
realloc
_wcsicmp
wcstok_s
_lock
_unlock
__dllonexit
_onexit
_except_handler4_common
_controlfp
exit
__set_app_type
__wgetmainargs
_amsg_exit
__p__commode
_XcptFilter
_CxxThrowException
_callnewh
?what@exception@@UBEPBDXZ
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
calloc
memmove_s
memset
_purecall
wcscat_s
wcscpy_s
wcsncmp
memcpy_s
malloc
wcsncpy_s
free
memcmp
__CxxFrameHandler3
memcpy

ole32

CoUninitialize
StringFromGUID2
CoRegisterClassObject
CoRevokeClassObject
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoInitialize

oleaut32

SysStringByteLen
SafeArrayGetLBound
SafeArrayCreate
SafeArrayDestroy
SafeArrayLock
SafeArrayUnlock
SysFreeString
VarUI4FromStr
SysStringLen
SysAllocString
GetErrorInfo
SafeArrayGetUBound
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
UnRegisterTypeLi

shell32

SHGetKnownFolderPath

shlwapi

PathCanonicalizeW
PathFindFileNameW

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

44d9e58ef4a24079aa58a98e7c2b19d7

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

msvcrt

ole32

oleaut32

shell32

shlwapi

Sections

.text Size: 49KB - Virtual size: 49KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 9KB - Virtual size: 9KB

.reloc Size: 27KB - Virtual size: 30KB

.text
Size: 49KB - Virtual size: 49KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 9KB - Virtual size: 9KB

.reloc
Size: 27KB - Virtual size: 30KB