321287734e7754729f67d30e8d84265c7eb831637312e6255ba7d46172e647ac

Sharing

Copy URL Twitter E-mail

General

Target

321287734e7754729f67d30e8d84265c7eb831637312e6255ba7d46172e647ac
Size

495KB
MD5

920c61c474996c2fa69a0edc8af71bf1
SHA1

927df3496bc7e4f6bff2cc2a92445e2aec2921a2
SHA256

321287734e7754729f67d30e8d84265c7eb831637312e6255ba7d46172e647ac
SHA512

f7bd0e49e9f12082d2564188c97f34f3161788d00bcf74268f8f221d6336729cd044e7899f73460fe418dd2c22a525eca23d76f922bd1ad09e25f961b2539960
SSDEEP

12288:zWJw/HZG6tvl4HrCQprf2a5nWvvt3IgHRM5v:kEHZG6T0VxnhQYgxCv

Score

N/A

Malware Config

Signatures

Files

321287734e7754729f67d30e8d84265c7eb831637312e6255ba7d46172e647ac
.exe windows x86

d9e3155eddabd3a25a0621ee7fa3c899

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
SetConsoleActiveScreenBuffer
TerminateProcess
IsDebuggerPresent
LoadLibraryA
GetConsoleCursorInfo
FlushFileBuffers
WideCharToMultiByte
SetFilePointer
GetLocaleInfoW
GetSystemTime
LCMapStringA
GetDateFormatA
LCMapStringW
GetWindowsDirectoryW
WriteConsoleW
CompareStringW
GetOEMCP
GetModuleFileNameA
CloseHandle
GetSystemTimeAdjustment
HeapReAlloc
HeapFree
GetCurrentProcessId
GetPrivateProfileSectionA
LeaveCriticalSection
InterlockedDecrement
CreateFileA
SetThreadContext
GetUserDefaultLCID
SetHandleCount
SetEnvironmentVariableA
GetStringTypeW
GetProcessHeap
SetStdHandle
HeapSize
GetConsoleMode
FreeEnvironmentStringsW
VirtualQuery
GetSystemTimeAsFileTime
GlobalGetAtomNameA
GetLocalTime
GetEnvironmentStrings
HeapDestroy
SetCurrentDirectoryW
GetCurrentThreadId
GetCPInfo
RtlUnwind
SetLastError
WriteConsoleA
GetLastError
GetLocaleInfoA
HeapCreate
GlobalCompact
MultiByteToWideChar
IsValidCodePage
GetStdHandle
GetTickCount
TlsFree
FormatMessageW
EnumSystemLocalesA
GetPriorityClass
FreeLibrary
TlsAlloc
GetCurrentThread
CreateMutexW
GetModuleFileNameW
GetStartupInfoW
QueryPerformanceCounter
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
InitializeCriticalSection
IsValidLocale
OpenMutexA
GetModuleHandleA
GetACP
GetConsoleCP
GetVersionExA
FileTimeToSystemTime
GetFileAttributesExW
GetConsoleOutputCP
InterlockedExchange
GetTimeZoneInformation
UnhandledExceptionFilter
DeleteCriticalSection
CreateMutexA
Sleep
WriteFile
ReadConsoleA
LockFile
GetStartupInfoA
GetFileType
CreateSemaphoreW
GetTempFileNameW
LocalSize
GetCommandLineA
GetProcAddress
InterlockedIncrement
EnterCriticalSection
GetEnvironmentStringsW
ExitProcess
GetCurrentProcess
TlsGetValue
ReadConsoleOutputAttribute
HeapAlloc
VirtualAlloc
ReadFile
OpenProcess
GetStringTypeA
GetCommandLineW
GetTimeFormatA
VirtualFree
TlsSetValue
SetConsoleCtrlHandler

user32

CreateWindowExW
RegisterClassA
RegisterClassExA
ValidateRect
CreateWindowExA
MessageBoxA
ShowWindow
SetSysColors
DrawFrameControl
SetForegroundWindow

comctl32

CreateStatusWindowA
_TrackMouseEvent
ImageList_AddMasked
ImageList_LoadImageW
ImageList_SetIconSize
ImageList_SetFlags
ImageList_Read
CreatePropertySheetPageW
GetEffectiveClientRect
ImageList_EndDrag
ImageList_LoadImageA
InitCommonControlsEx
DrawStatusTextA
ImageList_GetImageInfo
ImageList_Copy
ImageList_GetDragImage
CreateUpDownControl
CreateStatusWindowW

advapi32

RegCreateKeyA
StartServiceW
CryptSignHashW
CryptAcquireContextA
ReportEventA
RegEnumKeyExA
CryptReleaseContext
RegQueryValueW
RegSetValueA
CryptGetHashParam
LogonUserA
CryptDestroyHash
RegEnumValueA
LogonUserW
RegSetKeySecurity
RegQueryValueA
CryptDuplicateHash
CryptEnumProviderTypesA

Sections

.text
Size: 353KB - Virtual size: 352KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9e3155eddabd3a25a0621ee7fa3c899

Headers

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

Sections

.text Size: 353KB - Virtual size: 352KB

.rdata Size: 18KB - Virtual size: 31KB

.data Size: 114KB - Virtual size: 113KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 353KB - Virtual size: 352KB

.rdata
Size: 18KB - Virtual size: 31KB

.data
Size: 114KB - Virtual size: 113KB

.rsrc
Size: 8KB - Virtual size: 8KB