e333a4aff1d2539bdeea0aafacc6d70c18519874bb861a5141749269b19d5df4

Sharing

Copy URL Twitter E-mail

General

Target

e333a4aff1d2539bdeea0aafacc6d70c18519874bb861a5141749269b19d5df4
Size

128KB
MD5

8122aac231e61f9a23c19081ca5ecd90
SHA1

ec5291590c9ec95c0158f00ae23087732630daaf
SHA256

e333a4aff1d2539bdeea0aafacc6d70c18519874bb861a5141749269b19d5df4
SHA512

3c2240e4ac68906e1c052551edc8eff29a7b174fe314ad58ed2921fe56457ae79eae05403ccdab602831886e14af2cd301dda2643771d6f56c0be847b2bf3633
SSDEEP

1536:zTtpZ/eZSMbdt0GQtQpqVQpqLazMbcLLbx6zcKXXN1y:zzZ/ed/0WdUzcI

Score

N/A

Malware Config

Signatures

Files

e333a4aff1d2539bdeea0aafacc6d70c18519874bb861a5141749269b19d5df4
.exe windows x86

2d52a617eedda4c59fcb54f690835b2e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
SetFileAttributesA
CopyFileA
MoveFileExA
Sleep
GetCurrentProcess
HeapAlloc
GetProcessHeap
GetFileSize
SetUnhandledExceptionFilter
CreateThread
CreateEventA
GetCommandLineW
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
GetTickCount
FreeLibrary
LoadLibraryA
ExitProcess
GetSystemDirectoryA
GetModuleFileNameA
GetEnvironmentVariableA
WriteFile
CreateFileA
LoadResource
SizeofResource
FindResourceA
MultiByteToWideChar
lstrlenA
GetLastError
TerminateProcess
HeapFree
GetStdHandle
AllocConsole
FreeConsole
SetLastError
LocalFree
FormatMessageA
SetFilePointer
lstrcatA
GetLocalTime
VirtualAllocEx
OpenProcess
WriteProcessMemory
GetModuleHandleA
GetProcAddress
CreateRemoteThread
WaitForSingleObject
VirtualFreeEx
WinExec
CloseHandle

user32

wsprintfA
PostMessageA
FindWindowA
wvsprintfA
MessageBoxA

advapi32

RegCloseKey
AdjustTokenPrivileges
OpenProcessToken
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
LookupPrivilegeValueA

shell32

CommandLineToArgvW

shlwapi

PathFileExistsA

ws2_32

WSAGetLastError

comctl32

ord14

msvcrt

??3@YAXPAX@Z
strlen
sprintf
fclose
fopen
strcat
__CxxFrameHandler
rand
srand
fseek
strcpy
strcmp
fwrite
fputc
fread
memset

msvcp60

?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z

ntdll

_stricmp

Sections

.bss
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2d52a617eedda4c59fcb54f690835b2e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

shlwapi

ws2_32

comctl32

msvcrt

msvcp60

ntdll

Sections

.bss Size: 4KB - Virtual size: 4KB

.data Size: 108KB - Virtual size: 108KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 8KB - Virtual size: 8KB

.bss
Size: 4KB - Virtual size: 4KB

.data
Size: 108KB - Virtual size: 108KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 8KB - Virtual size: 8KB