aebbeaf948dfbd9c7114f36102da52d5b83ffe9ee46a857dd272c57143e23830

Sharing

Copy URL

Twitter E-mail

General

Target

aebbeaf948dfbd9c7114f36102da52d5b83ffe9ee46a857dd272c57143e23830
Size

212KB
MD5

7741b6f964227fdd6937b2eff35b83a0
SHA1

318e5668dab78433510f0baaf7523e7ae0c1b111
SHA256

aebbeaf948dfbd9c7114f36102da52d5b83ffe9ee46a857dd272c57143e23830
SHA512

93e50f1ff07cb7eacd390f17eaa41f3ad383d3ddec52677b30fbae1b903d6237a19e80ae6ec327cda60d05d7661521788880a95aa52f2a4283be1e2afc5009ca
SSDEEP

6144:ZMfck8IbwrDC9/ufOcIHEl+HBUgxvjBasG:2fck8IlG3Ikl+UgdjBaD

Score

N/A

Malware Config

Signatures

Files

aebbeaf948dfbd9c7114f36102da52d5b83ffe9ee46a857dd272c57143e23830
.exe windows x86

294cc58683bd9178ecd4b4964acf01a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

sti

StiCreateInstanceW

psapi

EnumProcessModules
GetModuleBaseNameW
EnumProcesses

kernel32

WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
lstrlenW
GetUserDefaultLCID
WaitForSingleObject
OpenProcess
CloseHandle
TerminateProcess
MoveFileExW
SetEvent
GetLastError
OpenEventW
CreateProcessW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
FindFirstFileW
WriteFile
ReadFile
CreateFileW
GetPrivateProfileIntW
GetPrivateProfileStringW
CreateFileA
GetACP
GetProcAddress
IsValidCodePage
GetModuleFileNameW
CreateMutexW
SetLastError
ReleaseMutex
ConnectNamedPipe
CreateNamedPipeW
DisconnectNamedPipe
FlushFileBuffers
ReleaseSemaphore
CreateSemaphoreW
lstrcpynW
lstrcmpiW
lstrcatW
lstrcpyW
LoadLibraryW
FreeLibrary
GetFileAttributesW
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
GetModuleHandleW
GetStringTypeW
GetStringTypeA
LCMapStringW
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
Sleep
HeapSize
ExitProcess
RaiseException
GetCPInfo
GetOEMCP
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
VirtualAlloc
LoadLibraryA
InitializeCriticalSection
RtlUnwind
LCMapStringA
WideCharToMultiByte

user32

LoadStringW
MessageBoxW

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

shell32

SHGetFolderPathW
DoEnvironmentSubstW

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

294cc58683bd9178ecd4b4964acf01a1

Headers

File Characteristics

Imports

sti

psapi

kernel32

user32

advapi32

shell32

Sections

.text Size: 76KB - Virtual size: 74KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 104KB - Virtual size: 104KB

.text
Size: 76KB - Virtual size: 74KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 104KB - Virtual size: 104KB