a68747a25d9c9330dbcdcd25bf7ac81c1d11b183d8605f743fd78dac05e74078

General

Target

a68747a25d9c9330dbcdcd25bf7ac81c1d11b183d8605f743fd78dac05e74078
Size

140KB
MD5

55943dc3cef593c2955d579187a53590
SHA1

56bbe2dff0e5c230b46d8b76fff77fa991bdbb71
SHA256

a68747a25d9c9330dbcdcd25bf7ac81c1d11b183d8605f743fd78dac05e74078
SHA512

5874197dbfcf41e47f245866697c3fe42a1cd54cb8353f62467a91e926bbb45a02d4baa51512e1ff246aa63ec294a52605cd2f16935f09cddf2dac03fd17c854
SSDEEP

3072:xEr5loOe3jtkvv5OFzOQIzwcF1IkXbCJA1+pSWnGNsc7YdNYPKq:xoqOe3jmcOQGwcF1IkX31+4Wn8sUAe3

Score

N/A

Malware Config

Signatures

Files

a68747a25d9c9330dbcdcd25bf7ac81c1d11b183d8605f743fd78dac05e74078
.exe windows x86

7c9e225b21bc49743daec7f0ac7e9ad4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteKeyW

kernel32

WaitForSingleObject
CopyFileW
GetSystemDirectoryW
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange
GetDiskFreeSpaceExW
CreateDirectoryW
FindNextFileW
FindFirstFileW
FindClose
RemoveDirectoryW
GetDriveTypeW
GetFileAttributesW
SetFileTime
GetFileTime
MoveFileW
DeleteFileW
SetEndOfFile
GetFileSize
SetFilePointer
WriteFile
CreateProcessW
CloseHandle
GetTickCount
GetModuleFileNameW
CreateFileW
FlushFileBuffers
ReadFile

msvcr80

_controlfp_s
_invoke_watson
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_crt_debugger_hook
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
swprintf_s
??2@YAPAXI@Z
wcscpy_s
wcsrchr
wcschr
memset
??3@YAXPAX@Z

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7c9e225b21bc49743daec7f0ac7e9ad4

Headers

File Characteristics

Imports

shlwapi

kernel32

msvcr80

advapi32

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 104KB - Virtual size: 104KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 104KB - Virtual size: 104KB