2dc0d804c385cee7f25a39eace9a0c1c28e207fd8e45c01d11d91a1c0f5f0643

General

Target

2dc0d804c385cee7f25a39eace9a0c1c28e207fd8e45c01d11d91a1c0f5f0643
Size

273KB
MD5

70999652fa8de8148899d94fcdeead30
SHA1

9c723563cfb1b436b323c4ed58481d220cf8223d
SHA256

2dc0d804c385cee7f25a39eace9a0c1c28e207fd8e45c01d11d91a1c0f5f0643
SHA512

eb7ebd9410ec8c2a09b45f5cac75e751b40a1efb9306018b5d686a42e2b4fd413d4a3158f9bc418d74aaa3825080b9a6a7f2f08efef8e19d0c8b4fa4e9c598a8
SSDEEP

6144:xvUECkQYLoeFVvKq4dO9TG5a55vFMAiLAx5gYy/9WHxo9YRa:x5LbFxHcGTmaHveLpYyl00YI

Score

N/A

Malware Config

Signatures

Files

2dc0d804c385cee7f25a39eace9a0c1c28e207fd8e45c01d11d91a1c0f5f0643
.exe windows x86

3f30ca30cb6ca4021b6ee34978196503

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strncmp
_splitpath
wcslen
strncpy
vprintf
_strupr
fopen
_iob
rand
_fullpath
fclose
memmove
sprintf
printf
fprintf
fflush
isprint
_stricmp
_makepath
_itoa
_strnicmp
toupper

kernel32

CreateSemaphoreA
GetDiskFreeSpaceA
GetExitCodeThread
DeleteCriticalSection
GlobalAlloc
GetModuleFileNameA
GetCurrentProcessId
CreateFileA
WaitForSingleObjectEx
WriteFile
WaitForMultipleObjects
CreateDirectoryA
CreateMutexA
LoadLibraryW
GlobalFindAtomA
OpenSemaphoreA
CreateEventA
WriteFileEx
GlobalFree
ExpandEnvironmentStringsA
lstrcmpA
GetLastError
SetFilePointer
VirtualFree
RemoveDirectoryA
ReleaseSemaphore
lstrcpyA
MapViewOfFile
FreeLibrary
FindNextFileA
OpenEventA
InterlockedIncrement
GetModuleHandleA
OpenMutexA
ReleaseMutex
ReadFile
GetTickCount
UnmapViewOfFile
WaitForSingleObject
OpenFileMappingA
ReadFileEx
GetSystemInfo
FindFirstFileA
InterlockedDecrement
CompareStringW
lstrlenA
CloseHandle
LocalAlloc
GetProcAddress
EnterCriticalSection
SetEvent
SetThreadPriority
GetUserDefaultLangID
ResetEvent
SetEndOfFile
LCMapStringW
GetFileSize
GetFileAttributesA
LeaveCriticalSection
FindClose
CreateThread

advapi32

DeregisterEventSource
RegDeleteKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
GetLengthSid
RegCreateKeyExA
FreeSid
InitializeAcl
ReportEventA
SetSecurityDescriptorDacl
RegDeleteValueA
AllocateAndInitializeSid
RegSetValueExA
RegisterEventSourceA

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f30ca30cb6ca4021b6ee34978196503

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

Sections

.text Size: 147KB - Virtual size: 146KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 73KB - Virtual size: 73KB

.rsrc Size: 43KB - Virtual size: 42KB

.text
Size: 147KB - Virtual size: 146KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 73KB - Virtual size: 73KB

.rsrc
Size: 43KB - Virtual size: 42KB