1761fe92bb8f882748d110b59ea282a27545ce7008ba0ca181cac3ec53f1c69b

Sharing

Copy URL Twitter E-mail

General

Target

1761fe92bb8f882748d110b59ea282a27545ce7008ba0ca181cac3ec53f1c69b
Size

149KB
MD5

712957877fca69a4c2efdad7db6380a2
SHA1

3bc9970918628c9b205453df9ca1aca8666375c6
SHA256

1761fe92bb8f882748d110b59ea282a27545ce7008ba0ca181cac3ec53f1c69b
SHA512

d501f0c0e21c94388238817b0f5fc02208e9f54d43e5b43276af76c34805b3cfbc813cbd557af20e8ef8efd2ab809c52ca7ac542e190e8edaf5fa0c39809170c
SSDEEP

3072:E0YREbY+Po9HJZt6cyMUOqlhiKwpmze2jlwYUnjf:zYRE10T1MGGeowF

Score

N/A

Malware Config

Signatures

Files

1761fe92bb8f882748d110b59ea282a27545ce7008ba0ca181cac3ec53f1c69b
.exe windows x86

3ec668519f9b089f6bb1a45e4e2e8403

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesW
FindClose
MoveFileExW
FindNextFileW
FindFirstFileW
RemoveDirectoryW
CreateDirectoryW
CreateFileW
CopyFileExW
ConnectNamedPipe
GetCurrentThreadId
CreateFileA
WaitNamedPipeA
GetVersionExA
CreateThread
GetCurrentProcess
DisconnectNamedPipe
CreateNamedPipeA
DeviceIoControl
CloseHandle
WriteFile
LocalFree
GetTickCount
Sleep
PeekNamedPipe
ReadFile
GetLastError
LoadLibraryA
GetProcAddress
DeleteFileW
SetFileAttributesW
GetModuleHandleA
VirtualFree
HeapCreate
WideCharToMultiByte
MultiByteToWideChar
LocalAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
HeapDestroy
HeapFree
RtlUnwind
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

user32

MessageBoxA

advapi32

LookupPrivilegeValueA
OpenProcessToken
SetFileSecurityW
InitializeSecurityDescriptor
SetSecurityDescriptorOwner
AdjustTokenPrivileges
SetSecurityDescriptorControl
IsValidSecurityDescriptor
SetSecurityDescriptorDacl
InitializeAcl
AddAccessAllowedAce
GetLengthSid
LookupAccountNameA
GetFileSecurityW
GetUserNameA

shell32

SHFileOperationW

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nrdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3ec668519f9b089f6bb1a45e4e2e8403

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 14KB

.rsrc Size: 8KB - Virtual size: 6KB

.nrdata Size: 76KB - Virtual size: 76KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 14KB

.rsrc
Size: 8KB - Virtual size: 6KB

.nrdata
Size: 76KB - Virtual size: 76KB