20d9e542ec2d69a5351564fb6ea456cf259841e579e0e080248df02a09c9760b

Sharing

Copy URL Twitter E-mail

General

Target

20d9e542ec2d69a5351564fb6ea456cf259841e579e0e080248df02a09c9760b
Size

517KB
MD5

960ab204f88582e6f2cf4057658cb470
SHA1

d3c537e3afef1d41aad5c1b2d1346454c190c02a
SHA256

20d9e542ec2d69a5351564fb6ea456cf259841e579e0e080248df02a09c9760b
SHA512

57ee55944fc50b38735639c5b4d81516614604bd7fa44bbac43f96e2497bf9acbc5100ff819a34864e626c5d097b7666847f4ac725fd253f2cd4f758654dc718
SSDEEP

6144:GPAhVlWSk4xL6DJI3Q+4zbdSY0F9TSq4NI6jeDmhRgqA2oTAeMhgSkRL:GPAhV4SvxmVD+WY+eDmhILMhvg

Score

N/A

Malware Config

Signatures

Files

20d9e542ec2d69a5351564fb6ea456cf259841e579e0e080248df02a09c9760b
.exe windows x86

2acd37584d24cd3455bf449972055649

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
GetHandleInformation
SetEvent
ResetEvent
WideCharToMultiByte
FlushFileBuffers
WriteFile
CreateFileW
SetUnhandledExceptionFilter
EnterCriticalSection
GetFullPathNameW
GetSystemInfo
GetSystemTime
LeaveCriticalSection
InitializeCriticalSection
GetModuleFileNameW
FindResourceW
FindClose
GetComputerNameExW
FindNextFileW
GetTempPathW
FindFirstFileW
DeleteCriticalSection
lstrcmpiW
SizeofResource
LockResource
SetLastError
LoadResource
GetLastError
LocalFree
lstrlenW
CreateMutexW
FindResourceExW
CloseHandle
GetCurrentThread
CreateEventW
FormatMessageW
WaitForSingleObject
GetCurrentProcessId
GetCurrentProcess
GetCurrentThreadId
GlobalMemoryStatusEx
GetCommandLineW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LoadLibraryA
GetConsoleMode
GetConsoleCP
SetFilePointer
VirtualAlloc
GetSystemTimeAsFileTime
VirtualFree
QueryDosDeviceW
GetDriveTypeW
MultiByteToWideChar
SetErrorMode
GetLogicalDrives
DeviceIoControl
GetDiskFreeSpaceExW
GetVolumeInformationW
GetModuleFileNameA
GetCurrentDirectoryA
OutputDebugStringA
GetVersionExA
LoadLibraryW
ReadProcessMemory
SuspendThread
ResumeThread
GetFileAttributesW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetProcAddress
GetThreadContext
FreeLibrary
InterlockedIncrement
GetTickCount
GetFileAttributesExW
QueryPerformanceCounter
GetDiskFreeSpaceW
QueryPerformanceFrequency
GetLocaleInfoW
GetModuleHandleW
GetCurrentDirectoryW
GetFileInformationByHandle
SetFilePointerEx
ReadFile
RaiseException
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
InterlockedDecrement
Sleep
CreateFileA
FormatMessageA
ExitThread
CreateThread
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
GetCPInfo
LCMapStringA
LCMapStringW
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetStdHandle
ExitProcess
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
HeapCreate
WaitForMultipleObjects

user32

GetSystemMetrics
UnregisterClassA

advapi32

GetUserNameA
GetUserNameW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken

shell32

ord680
CommandLineToArgvW

shlwapi

PathCombineW
PathStripPathW
PathRemoveExtensionW
PathIsRootW
PathIsDirectoryW

version

GetFileVersionInfoSizeW
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoW

Sections

.text
Size: 324KB - Virtual size: 323KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.frdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2acd37584d24cd3455bf449972055649

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

shlwapi

version

Sections

.text Size: 324KB - Virtual size: 323KB

.rdata Size: 88KB - Virtual size: 86KB

.data Size: 12KB - Virtual size: 18KB

.rsrc Size: 12KB - Virtual size: 9KB

.frdata Size: 72KB - Virtual size: 72KB

.text
Size: 324KB - Virtual size: 323KB

.rdata
Size: 88KB - Virtual size: 86KB

.data
Size: 12KB - Virtual size: 18KB

.rsrc
Size: 12KB - Virtual size: 9KB

.frdata
Size: 72KB - Virtual size: 72KB