b77620cfbd523f4cad873b8a1938d0b27a03b4cb3562a315e7ff3b608fc618a4

Sharing

Copy URL Twitter E-mail

General

Target

b77620cfbd523f4cad873b8a1938d0b27a03b4cb3562a315e7ff3b608fc618a4
Size

539KB
MD5

80220f112693b9c3dadb08620ca4c980
SHA1

02849e23da2f2b4c37a5fa6f7f6a01de5314e642
SHA256

b77620cfbd523f4cad873b8a1938d0b27a03b4cb3562a315e7ff3b608fc618a4
SHA512

5cee8582ef7af6fd0778f85cbe86c38408492a63ec42715c363a0241da3abbcce690f3db5df096415392d84fa67eaaddac1817bc70778d664216ae43265e8ff2
SSDEEP

6144:zkqU/76x7Wuu7AujtJHFJCY9OGa7fy+la/fvHGAmddF17b:QqUD667A2FkPl6TmV1X

Score

N/A

Malware Config

Signatures

Files

b77620cfbd523f4cad873b8a1938d0b27a03b4cb3562a315e7ff3b608fc618a4
.exe windows x86

aadab0079b41d9314388f4f2b8353609

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GetLastError
InterlockedDecrement
lstrlenA
lstrcmpiA
SetEvent
CreateThread
CreateEventA
InterlockedIncrement
GetProcAddress
GetModuleHandleW
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
SetUnhandledExceptionFilter
GetCurrentThreadId
GetCommandLineA
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
MultiByteToWideChar
GetModuleFileNameA
CreateFileA
GetFileSize
SetFilePointer
ReadFile
WaitForSingleObject
IsDBCSLeadByte
CloseHandle
LoadLibraryA
InterlockedExchange
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
SetEnvironmentVariableA
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThread
FatalAppExitA
VirtualFree
HeapReAlloc
HeapCreate
HeapDestroy
Sleep
ExitProcess
WriteFile
GetStdHandle
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount

user32

PostThreadMessageA
CharNextW
CharNextA

advapi32

RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
StringFromGUID2
CoRevokeClassObject
CoRegisterClassObject
CoInitialize
CoCreateInstance

oleaut32

VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen

Sections

.text
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aadab0079b41d9314388f4f2b8353609

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 161KB - Virtual size: 160KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 5KB - Virtual size: 8KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 161KB - Virtual size: 160KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 5KB - Virtual size: 8KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 13KB - Virtual size: 12KB