bc766b31110e788266adc5307d330ba78ae82545aa26e54407fc1e387f4cf6fe

Sharing

Copy URL

Twitter E-mail

General

Target

bc766b31110e788266adc5307d330ba78ae82545aa26e54407fc1e387f4cf6fe
Size

236KB
MD5

0371732ffa8872a148e4877c65f2c30c
SHA1

a741040c2b93ec0e6130a8490c72db2eea1e1fdb
SHA256

bc766b31110e788266adc5307d330ba78ae82545aa26e54407fc1e387f4cf6fe
SHA512

fe76c236c939914cba0d90166e8bebb33d18112ee936b32a2159424d6d24fc28b5a14b910c249e6995761ece20e33312448eb08016988e41f2d7fd1eec7b8694
SSDEEP

6144:Nl3d7WDugvM2ZmzpYEa7O5HVWYsRcuZpu8llsUiD:fN7WSgvM28zw7AMpRbZpu8T9iD

Score

N/A

Malware Config

Signatures

Files

bc766b31110e788266adc5307d330ba78ae82545aa26e54407fc1e387f4cf6fe
.exe windows x86

7fa863ecfeef23f9ff92066b5501d0db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
lstrcpyA
DeleteFileA
MoveFileA
Sleep
Process32Next
lstrcmpA
Process32First
CreateToolhelp32Snapshot
lstrlenA
LoadLibraryA
CreateDirectoryA
CopyFileA
lstrcmpiA
FindClose
FindNextFileA
FindFirstFileA
lstrcatA
GetModuleFileNameA
InterlockedDecrement
SetErrorMode
GetLastError
CreateEventA
MultiByteToWideChar
LocalFree
SetStdHandle
FlushFileBuffers
SetFilePointer
SetEnvironmentVariableA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
CreateProcessA
CloseHandle
RtlUnwind
CreateThread
GetCurrentThreadId
TlsSetValue
TlsGetValue
ExitThread
HeapAlloc
HeapFree
RaiseException
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TlsAlloc
SetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapSize
GetFileAttributesA
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
WriteFile
IsBadReadPtr
IsBadCodePtr
InterlockedIncrement
GetStringTypeA
GetStringTypeW
GetExitCodeProcess
WaitForSingleObject

user32

wsprintfA
SendMessageA
GetMessageA
TranslateMessage
DispatchMessageA
IsWindow

shell32

SHGetSpecialFolderPathA

ole32

CoUninitialize
CLSIDFromString
OleRun
CoCreateInstance
CoInitialize
CLSIDFromProgID

oleaut32

SysFreeString
SysAllocString
VariantClear
GetErrorInfo

netapi32

NetUserAdd
NetLocalGroupAddMembers

Sections

.text
Size: 152KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fa863ecfeef23f9ff92066b5501d0db

Headers

File Characteristics

Imports

kernel32

user32

shell32

ole32

oleaut32

netapi32

Sections

.text Size: 152KB - Virtual size: 150KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 24KB - Virtual size: 30KB

.rsrc Size: 44KB - Virtual size: 40KB

.text
Size: 152KB - Virtual size: 150KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 24KB - Virtual size: 30KB

.rsrc
Size: 44KB - Virtual size: 40KB