262b022e6645ce594e5160076d5f24195d5be991a15f7728bad7239f2e295c67

Sharing

Copy URL

Twitter E-mail

General

Target

262b022e6645ce594e5160076d5f24195d5be991a15f7728bad7239f2e295c67
Size

706KB
MD5

74c005acc7823b33a171822c1cc2e2cd
SHA1

3afad33013b6675b0dbc6c6c23b295e88c40dc96
SHA256

262b022e6645ce594e5160076d5f24195d5be991a15f7728bad7239f2e295c67
SHA512

fbe47215c64365f111f0aa08852e0bde81776032bee9595818aa775d17bc2c58099c35248b834c2dc02a1cdf6cb8cf271ab58ea9f34385e53773039c7df78ddb
SSDEEP

12288:Kjf995fTiw7JmveH6USn+FQEXlVkGHRHqjDL1cic75+pEO3WDV018MKBuSNMBzSX:K75mveH6USn+FQEXhojP1bcVjV018MKH

Score

N/A

Malware Config

Signatures

Files

262b022e6645ce594e5160076d5f24195d5be991a15f7728bad7239f2e295c67
.exe windows x86

467c225b99b5477ab02268089de02699

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32NextW
CreateToolhelp32Snapshot
GetCurrentProcessId
SetStdHandle
Module32FirstW
GetStringTypeW
HeapReAlloc
GetConsoleCP
SetFilePointer
RtlUnwind
Process32FirstW
CreateProcessW
SetCurrentDirectoryW
FindClose
lstrlenW
OpenProcess
WaitForSingleObject
FindFirstFileW
LockResource
GetVersionExW
SizeofResource
LoadResource
FindResourceW
MultiByteToWideChar
WriteFile
DeleteFileW
CloseHandle
DeviceIoControl
GetProcAddress
GetCurrentDirectoryW
GetLastError
CreateFileW
CopyFileW
LoadLibraryW
GetSystemDirectoryW
GetModuleHandleW
FreeLibrary
GetCurrentProcess
LocalFree
ReadConsoleInputW
SetConsoleMode
GetConsoleMode
GetSystemTimeAsFileTime
GetCommandLineW
HeapSetInformation
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapFree
IsProcessorFeaturePresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
WriteConsoleW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
Sleep
HeapSize
ExitProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WideCharToMultiByte
LCMapStringW
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoW
HeapCreate
QueryPerformanceCounter
GetTickCount
FlushFileBuffers

shlwapi

SHGetValueW
PathFileExistsW

wininet

InternetOpenW
InternetReadFile
InternetCloseHandle
InternetOpenUrlW
InternetQueryDataAvailable

user32

GetSystemMetrics
CharUpperW
CharLowerW

advapi32

GetTokenInformation
ConvertSidToStringSidW
FreeSid
SetEntriesInAclW
AllocateAndInitializeSid
SetNamedSecurityInfoW
RegEnumKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
InitiateSystemShutdownW
RegEnumKeyExW
OpenProcessToken
RegSetValueExW
RegCloseKey
ControlService
RegOpenKeyExW
ChangeServiceConfigW
RegDeleteValueW
StartServiceW
RegDeleteKeyW
RegQueryValueExW
RegSetValueW
RegCreateKeyExW
OpenServiceW
OpenSCManagerW
DeleteService
CloseServiceHandle
CreateServiceW

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.vmp0
Size: 500KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

467c225b99b5477ab02268089de02699

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shlwapi

wininet

user32

advapi32

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 23KB - Virtual size: 23KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 102KB - Virtual size: 102KB

.reloc Size: 7KB - Virtual size: 7KB

.vmp0 Size: 500KB - Virtual size: 1.6MB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 23KB - Virtual size: 23KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 102KB - Virtual size: 102KB

.reloc
Size: 7KB - Virtual size: 7KB

.vmp0
Size: 500KB - Virtual size: 1.6MB