56da5c5f679f6cabfe594bb6bebfa1fb06df89c805f88aad989ba521f691c0a2

Sharing

Copy URL Twitter E-mail

General

Target

56da5c5f679f6cabfe594bb6bebfa1fb06df89c805f88aad989ba521f691c0a2
Size

322KB
MD5

7580c9824900bccb5afa7d66f3d9f629
SHA1

6efbbf6b84947be1c46f9b6df81b81d1ef0fe4ab
SHA256

56da5c5f679f6cabfe594bb6bebfa1fb06df89c805f88aad989ba521f691c0a2
SHA512

e0e9bc03050d3e0392aef0daf5cf0bc63dbfe1f53d10dbf196af98dd3d83e111a91a9d28656168cac98e95dcb671d2e58c63455b3840c0d2ff99e00bc08a88b4
SSDEEP

6144:0EoOFxoVUlpYLHOBh/ATKg3+X5rXOf1VeLDw6PCl6Lbebv:p3FxoKSbOBh6OX5rXyqLEhMk

Score

N/A

Malware Config

Signatures

Files

56da5c5f679f6cabfe594bb6bebfa1fb06df89c805f88aad989ba521f691c0a2
.exe windows x86

73a1e6b635ce97a974cd27284d3956cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

DeviceIoControl
GetTimeFormatA
GetCurrentProcess
CreateProcessA
GetTempFileNameA
GetDateFormatA
GetExitCodeProcess
HeapFree
CreateMutexA
CreateEventA
lstrcmpA
OpenEventA
GetDriveTypeA
ReleaseMutex
GetCurrentThread
GetCurrentThreadId
HeapAlloc
GetProcessHeap
WideCharToMultiByte
WinExec
FormatMessageA
SetEvent
FlushFileBuffers
SizeofResource
LoadResource
FindResourceA
TerminateProcess
OpenProcess
ReadProcessMemory
ExpandEnvironmentStringsA
CopyFileA
QueryDosDeviceA
GetSystemTime
DuplicateHandle
InterlockedExchange
GetVersionExA
InterlockedDecrement
GetEnvironmentVariableA
WaitForSingleObject
ResetEvent
LoadLibraryA
FreeLibrary
GetVersion
SetFileTime
CreateDirectoryA
LocalFileTimeToFileTime
GetCurrentDirectoryA
FindFirstFileA
FindClose
GetFileAttributesA
GetFullPathNameA
SetLastError
AreFileApisANSI
MultiByteToWideChar
lstrcpynA
GetDiskFreeSpaceA
UnmapViewOfFile
WriteFile
CreateFileA
CreateFileMappingA
MapViewOfFile
CloseHandle
GetFileSize
ReadFile
SetFilePointer
TlsGetValue
SystemTimeToFileTime
GetLastError
GetSystemDirectoryA
DeleteFileA
WaitForSingleObjectEx
TerminateThread
GetModuleHandleA
GetProcAddress
GetTickCount
Sleep
lstrlenA
lstrcpyA
GetFileType
lstrcatA
SetStdHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetProfileStringA
GetPrivateProfileStringA
MoveFileExA
WritePrivateProfileStringA
SetFileAttributesA
SetEndOfFile
GetTempPathA
lstrcmpiA
GetModuleFileNameA
GetShortPathNameA
LocalFree
CreateThread
LocalAlloc
GetCurrentProcessId
MoveFileA
GetThreadLocale
SetProcessWorkingSetSize
FindNextFileA
WaitForMultipleObjects
UnhandledExceptionFilter
TlsAlloc
EnterCriticalSection
DeleteCriticalSection
LeaveCriticalSection
IsBadWritePtr
VirtualAlloc
InitializeCriticalSection
HeapCreate
HeapDestroy
VirtualFree
ExitProcess
GetCommandLineA
RaiseException
HeapSize
ResumeThread
GetStartupInfoA
RtlUnwind
ExitThread
InterlockedIncrement
HeapReAlloc
TlsSetValue
LCMapStringA
LCMapStringW
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle

user32

BringWindowToTop
SetActiveWindow
SetForegroundWindow
IsIconic
AttachThreadInput
GetWindowThreadProcessId
GetSystemMetrics
GetForegroundWindow
SystemParametersInfoA
SendMessageA
CharLowerA
wsprintfA
GetUserObjectSecurity
CloseDesktop
CloseWindowStation
OpenInputDesktop
LoadCursorA
DefWindowProcA
ShowWindow
OpenWindowStationA
SetProcessWindowStation
GetProcessWindowStation
PostQuitMessage
OpenDesktopA
GetMessageA
DispatchMessageA
TranslateMessage
GetWindowLongA
UpdateWindow
SetWindowLongA
LoadIconA
CreateWindowExA
RegisterClassA
GetFocus
IsWindow
SetFocus

gdi32

GetStockObject

advapi32

RegisterEventSourceA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegDeleteValueA
RegEnumKeyA
GetUserNameA
CloseServiceHandle
OpenServiceA
OpenSCManagerA
ChangeServiceConfigA
QueryServiceConfigA
RegDeleteKeyA
QueryServiceStatus
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CreateProcessAsUserA
RegEnumValueA
RegOpenKeyA
RegEnumKeyExA
DeleteService
EnumDependentServicesA
ControlService
StartServiceA
DeregisterEventSource
ReportEventA
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
GetSecurityDescriptorSacl
SetSecurityDescriptorSacl
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
OpenThreadToken
LookupAccountSidA
IsValidSid
GetSecurityDescriptorOwner
CreateServiceA
DuplicateToken
DuplicateTokenEx
RevertToSelf
ImpersonateLoggedOnUser
SetTokenInformation
SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
RegNotifyChangeKeyValue

shell32

SHGetDesktopFolder
SHGetPathFromIDListA
SHGetMalloc

ole32

CoInitialize
CoInitializeEx
CoInitializeSecurity
CoCreateInstance
CoUninitialize

oleaut32

VariantInit
VariantClear
SysAllocString
SysStringByteLen
SysAllocStringByteLen
SysFreeString

Sections

.text
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 52KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rrdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

73a1e6b635ce97a974cd27284d3956cb

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 176KB - Virtual size: 174KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 52KB - Virtual size: 85KB

.rsrc Size: 4KB - Virtual size: 1KB

.rrdata Size: 60KB - Virtual size: 60KB

.text
Size: 176KB - Virtual size: 174KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 52KB - Virtual size: 85KB

.rsrc
Size: 4KB - Virtual size: 1KB

.rrdata
Size: 60KB - Virtual size: 60KB