a19fbf84c0850b4216d58a4f17aa7d3dffa3fdb345bd789e532b3a596dcec6c8

Sharing

Copy URL Twitter E-mail

General

Target

a19fbf84c0850b4216d58a4f17aa7d3dffa3fdb345bd789e532b3a596dcec6c8
Size

42KB
MD5

58eb0b9791843e953356fa0a2a3e3e22
SHA1

abd38cee3033aa4b6bfefa77aecc9191620ce4b3
SHA256

a19fbf84c0850b4216d58a4f17aa7d3dffa3fdb345bd789e532b3a596dcec6c8
SHA512

2d2c6d81bd2b6b99ea4f26e84e6a330ea700bdaa797a9d6a885d57a3ffe6cf17f855113c4b71a69270003e8e81b0d3fb671721cbba7f082fec50de131e9071e0
SSDEEP

768:8+a6lJrgdhG7k4cIbrhMV74U3UpWxjqIIDUHhVmkLA5bo3ibFpI2:m4Jr+G3K8JpWxjqIlBVLL2Mgpb

Score

N/A

Malware Config

Signatures

Files

a19fbf84c0850b4216d58a4f17aa7d3dffa3fdb345bd789e532b3a596dcec6c8
.exe windows x86

baff237b6b264319d3cb246cf0cc4553

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
HeapAlloc
GetProcessHeap
HeapFree
CreateFileW
SetFilePointer
ReadFile
WriteFile
UnlockFile
CloseHandle
LockFileEx
LoadLibraryW
GetProcAddress
GetTickCount
Sleep
GetCurrentProcess
GetModuleHandleW
DeleteFileA
GetFileAttributesA
LocalFree
GetLastError
GetFileAttributesW
SetFileAttributesW
FindClose
RemoveDirectoryW
FindNextFileW
DeleteFileW
FindFirstFileW
GetModuleHandleA
GetStartupInfoW
GetCommandLineW
ExitProcess
CreateFileA
WideCharToMultiByte
GetVersionExW
GetTimeFormatA
GetDateFormatA
LoadLibraryA
FreeLibrary

msvcrt

_cexit
_initterm
__set_app_type
_vsnwprintf
wcsncmp
_wcsnicmp
_vsnprintf
wcslen
wcsstr

advapi32

RegQueryInfoKeyW
SetNamedSecurityInfoW
GetSecurityDescriptorDacl
RegDeleteValueW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RegOpenKeyExA
RegOpenKeyExW
RegCloseKey
RegDeleteValueA
RegEnumValueA
ConvertStringSecurityDescriptorToSecurityDescriptorW

ole32

CoInitialize
CoUninitialize
CoTaskMemFree

oleaut32

SysStringLen
SysFreeString

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

baff237b6b264319d3cb246cf0cc4553

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

ole32

oleaut32

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 512B - Virtual size: 248B

.rsrc Size: 1024B - Virtual size: 984B

.0data Size: 20KB - Virtual size: 20KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 512B - Virtual size: 248B

.rsrc
Size: 1024B - Virtual size: 984B

.0data
Size: 20KB - Virtual size: 20KB