69333689a0374f6d6dcfb9e8e42de0ea87aeba160ccf146e43d48962168ab954

General

Target

69333689a0374f6d6dcfb9e8e42de0ea87aeba160ccf146e43d48962168ab954
Size

274KB
MD5

7313dc9fcdbf8825583fb9f63c6d85e0
SHA1

adf136908f6d2a0209a43fd0e14c51d6d2e518cd
SHA256

69333689a0374f6d6dcfb9e8e42de0ea87aeba160ccf146e43d48962168ab954
SHA512

2b93267ea664483eda95911531577711d0de0a8d063a88c45c180f49e5dd807461d39da757bf95a914158cdb491c97556d1e250ca5cb64ad1bb032e4bd77470f
SSDEEP

6144:hyLS5fNRHtD0Agq4KqAQc9lSC8QNQAaUBDqW/3ACQhjTye:fwA/FCcPwQ24Qhd

Score

N/A

Malware Config

Signatures

Files

69333689a0374f6d6dcfb9e8e42de0ea87aeba160ccf146e43d48962168ab954
.exe windows x86

b5459d96183ddfa2821be53389ebe26d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
WriteFileEx
GetExitCodeThread
SetThreadPriority
SleepEx
ReadFile
SetEvent
ReleaseSemaphore
GlobalAlloc
InterlockedDecrement
WaitForSingleObjectEx
SetEndOfFile
LCMapStringW
FindClose
FindFirstFileA
MapViewOfFile
CreateThread
WaitForSingleObject
DeleteCriticalSection
CreateDirectoryA
OpenEventA
SetFilePointer
ResetEvent
WaitForMultipleObjects
FreeLibrary
OpenMutexA
GetDiskFreeSpaceA
GetFileAttributesA
CreateMutexA
FindNextFileA
InterlockedIncrement
CompareStringW
EnterCriticalSection
CloseHandle
lstrcmpA
GetModuleHandleA
CreateEventA
GetModuleFileNameA
OpenFileMappingA
CreateFileA
CreateSemaphoreA
GetUserDefaultLangID
GetProcAddress
OpenSemaphoreA
LocalAlloc
ReadFileEx
ExpandEnvironmentStringsA
LoadLibraryW
RemoveDirectoryA
ReleaseMutex
GetLastError
UnmapViewOfFile
LeaveCriticalSection
lstrcpyA
WriteFile
GetCurrentProcessId
GetTickCount
GlobalFree
GetSystemInfo
GlobalFindAtomA
lstrlenA
GetFileSize

advapi32

DeregisterEventSource
FreeSid
RegCreateKeyExA
RegCloseKey
GetLengthSid
RegOpenKeyExA
ReportEventA
RegDeleteKeyA
RegDeleteValueA
SetSecurityDescriptorDacl
AllocateAndInitializeSid
RegisterEventSourceA
RegSetValueExA
RegQueryValueExA
InitializeAcl

msvcrt

strncmp
_makepath
rand
strncpy
fprintf
vprintf
isprint
_stricmp
_fullpath
fopen
_ftol
_strnicmp
printf
_itoa
_strupr
fflush
sprintf
fclose
wcslen
_iob
_splitpath
memmove
toupper

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5459d96183ddfa2821be53389ebe26d

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

Sections

.text Size: 141KB - Virtual size: 141KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 73KB - Virtual size: 73KB

.rsrc Size: 50KB - Virtual size: 49KB

.text
Size: 141KB - Virtual size: 141KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 73KB - Virtual size: 73KB

.rsrc
Size: 50KB - Virtual size: 49KB