8f3854c653e9f2efe602cb7b8a926a6ba4b82a016698ac4941d975e650bdc131

Sharing

Copy URL Twitter E-mail

General

Target

8f3854c653e9f2efe602cb7b8a926a6ba4b82a016698ac4941d975e650bdc131
Size

201KB
MD5

4e039af6d02d6fca3f0923288b4f6ef8
SHA1

82761d30148e030f09b564ad81fa9affb9198b81
SHA256

8f3854c653e9f2efe602cb7b8a926a6ba4b82a016698ac4941d975e650bdc131
SHA512

e32f9a22732095af7cc5744eaff885aa8f0522715fa79ca9d4abfb32fcead9f9f981fb059f4bab5cdb77df402cb4334f01e4543f4d51d0b532680a7b54912865
SSDEEP

3072:j3AS8MbMnDLbXrHRtJtg7Rat+Xt+8QjZE+dECjN/bd/Km7KJWLGJ1Na8:j3A3Mbi1tc4wb7aNbd/KmeJWE1Na8

Score

N/A

Malware Config

Signatures

Files

8f3854c653e9f2efe602cb7b8a926a6ba4b82a016698ac4941d975e650bdc131
.exe windows x86

37990eee48e931ba563d0bb570473074

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
WaitForMultipleObjects
GetModuleFileNameW
CreateThread
CreateEventW
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
Sleep
OpenThread
GetCommandLineW
GetCurrentThreadId
CloseHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
WideCharToMultiByte
IsValidCodePage
GetOEMCP
GetCPInfo
LoadLibraryA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetEvent
lstrcmpiW
InterlockedDecrement
GetLastError
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenW
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapAlloc
HeapFree
RtlUnwind
HeapReAlloc
GetProcessHeap
GetStartupInfoW
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount

user32

CharNextW
PostThreadMessageW
DispatchMessageW
GetMessageW
UnregisterClassA

ole32

CoCreateInstance
CoTaskMemFree
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemRealloc
CoTaskMemAlloc
StringFromGUID2
CoInitialize
CreateClassMoniker
GetRunningObjectTable
CoUninitialize

oleaut32

LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yrdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

37990eee48e931ba563d0bb570473074

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

advapi32

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 36KB - Virtual size: 35KB

.yrdata Size: 76KB - Virtual size: 76KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 36KB - Virtual size: 35KB

.yrdata
Size: 76KB - Virtual size: 76KB