a998a77ae53139cc688d228b20b53d47d043acdb2524767b0cdadcac177b5674

Sharing

Copy URL Twitter E-mail

General

Target

a998a77ae53139cc688d228b20b53d47d043acdb2524767b0cdadcac177b5674
Size

60KB
MD5

7bcecec6a2205dcd30b61d6bc5949db0
SHA1

cd8c7df491bafb62ea4d001fe5152550bae4db69
SHA256

a998a77ae53139cc688d228b20b53d47d043acdb2524767b0cdadcac177b5674
SHA512

b698ff1e173e1e4f46f9258e9ced6be40d17f80789db0fba0307f22a65fad8654677935c8a8dda08ca22e592ee0e8a60afc8da240c2d04d6e2b9cb73ecaae0eb
SSDEEP

1536:oqKBvTvFir87GiFuXoqKi38IwJc+RA+s8hx:oqqvTvFs87GiFloqSwvs8hx

Score

N/A

Malware Config

Signatures

Files

a998a77ae53139cc688d228b20b53d47d043acdb2524767b0cdadcac177b5674
.exe windows x86

8c65d7e752e9e61ac031b040f5d7830d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32Next
GetStringTypeExA
GetCurrentThreadId
LeaveCriticalSection
WideCharToMultiByte
RaiseException
lstrlenW
FreeLibrary
MultiByteToWideChar
EnterCriticalSection
GetTickCount
InitializeCriticalSection
GetCurrentProcess
FlushInstructionCache
IsDBCSLeadByte
InterlockedIncrement
DeleteCriticalSection
GetThreadLocale
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
LoadLibraryW
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
VirtualQuery
GetSystemInfo
VirtualProtect
InterlockedDecrement
lstrcmpiA
Process32First
OutputDebugStringA
GetModuleFileNameA
CreateToolhelp32Snapshot
DebugBreak
CloseHandle
GetLastError
CreateMutexA
lstrlenA
GetModuleHandleA
SetLastError
GetCommandLineA
ExitProcess
GetStartupInfoA
HeapReAlloc
HeapSize
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc

user32

SetWindowLongA
SetWindowPos
SetTimer
KillTimer
EndDialog
wvsprintfA
CharNextA
DialogBoxParamA
UnregisterClassA
DestroyWindow
GetActiveWindow

advapi32

RegQueryValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteKeyA
RegSetValueExA
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor

shell32

ShellExecuteA

ole32

CoCreateInstance
CoUninitialize
CoTaskMemRealloc
CoTaskMemFree
CoInitialize
CoTaskMemAlloc

oleaut32

VarUI4FromStr

shlwapi

SHSetValueA

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c65d7e752e9e61ac031b040f5d7830d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 592B

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 592B