a4553f7da84b6f3b8dd4e4856e4f4a45be458b445724d196e7f9ba0efefe8fe9

Sharing

Copy URL Twitter E-mail

General

Target

a4553f7da84b6f3b8dd4e4856e4f4a45be458b445724d196e7f9ba0efefe8fe9
Size

147KB
MD5

8059e0756e42a8607a1b73f1fc88f630
SHA1

4c77b5edb94b4560f7ea88e4c2398f5fb6606a78
SHA256

a4553f7da84b6f3b8dd4e4856e4f4a45be458b445724d196e7f9ba0efefe8fe9
SHA512

14851d1c589029f8f2d23ee8f0b825c7ccd436c5a62bc69c91a3abf305fb0cf1ad019154472bc8c2d0b6df96a6c65fce38c1a998a73a46266b6d09717cf45f74
SSDEEP

3072:p9lzOLxYHwySYM//R6AG/MNJtAsyqS0JP9EBztZjdFoxxsvW:d4xYHOYM//R1G/MNJtAsFS0JP9EBRR8V

Score

N/A

Malware Config

Signatures

Files

a4553f7da84b6f3b8dd4e4856e4f4a45be458b445724d196e7f9ba0efefe8fe9
.exe windows x86

f54ba46c3e9dc83376b4193d71a67a20

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

wcslen
swscanf
_wgetcwd
_wgetenv
_wcsicmp
tolower
wprintf
realloc
_wtol
wcsncpy
wcscmp
_vsnwprintf
_snwprintf
_except_handler3
_wmakepath
_wtoi
isprint
free
swprintf
isdigit
memmove
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
calloc
wcscpy
_wsplitpath
wcscat
_controlfp
__set_app_type

advapi32

RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyExW
RegQueryValueExW
OpenProcessToken
GetUserNameW
LookupPrivilegeValueW
ClearEventLogW
OpenEventLogW
CloseEventLog
DeregisterEventSource
ReportEventW
RegDeleteValueW
AdjustTokenPrivileges
RegCreateKeyExW
ReadEventLogW
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegisterEventSourceW

kernel32

LocalAlloc
ResumeThread
GetPriorityClass
RaiseException
VirtualAlloc
GetThreadPriority
FreeLibrary
GetVersionExA
DeleteFileW
MultiByteToWideChar
ExpandEnvironmentStringsW
SetThreadContext
FindResourceExW
LoadResource
LockResource
GetFileAttributesW
CreateDirectoryW
GetModuleHandleW
GetLastError
ContinueDebugEvent
SetEvent
CloseHandle
WaitForSingleObject
CreateThread
WaitForDebugEvent
SetErrorMode
ExitProcess
GetDateFormatW
GetLocalTime
DebugActiveProcess
InterlockedExchange
GetCurrentProcess
GetVersion
GetSystemInfo
Sleep
GetComputerNameW
TerminateProcess
OpenProcess
FormatMessageW
ReadProcessMemory
GetCommandLineW
GetThreadContext
VirtualFree
VirtualQueryEx
LoadLibraryA
DelayLoadFailureHook
TerminateThread
GetProcAddress
SuspendThread
LocalFree
SetFilePointer
GetModuleFileNameW
CreateFileW
WriteFile
WideCharToMultiByte
ReleaseSemaphore
CreateSemaphoreW
OpenSemaphoreW
ReadFile

dbghelp

SymGetModuleInfo
SymLoadModule
SymGetSymFromAddr
StackWalk
SymEnumerateSymbolsW
SymSetSearchPath
SymInitialize
SymGetModuleInfoW
SymFunctionTableAccess

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 176KB - Virtual size: 472KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f54ba46c3e9dc83376b4193d71a67a20

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

dbghelp

Sections

.text Size: 43KB - Virtual size: 43KB

.data Size: 11KB - Virtual size: 18KB

.rsrc Size: 13KB - Virtual size: 12KB

.vmp0 Size: 176KB - Virtual size: 472KB

.text
Size: 43KB - Virtual size: 43KB

.data
Size: 11KB - Virtual size: 18KB

.rsrc
Size: 13KB - Virtual size: 12KB

.vmp0
Size: 176KB - Virtual size: 472KB