dabfac957bb75f6ef1e2ddf410ab919a109d7e9d4174b6dc30b0635b46917671

Sharing

Copy URL

Twitter E-mail

General

Target

dabfac957bb75f6ef1e2ddf410ab919a109d7e9d4174b6dc30b0635b46917671
Size

258KB
MD5

80190a3dda41ecdef99dfb8f1c4382af
SHA1

22d4597d2426cba810be3bc96a229c10d38fcd45
SHA256

dabfac957bb75f6ef1e2ddf410ab919a109d7e9d4174b6dc30b0635b46917671
SHA512

1a88a1c0f90091ab2c6785738e63d19c706f1aba8c7d0400b2d4100ad67cbdb3fede900692effcb506cab1ddc7e34fb87bf7cafb1cf93d59fe3cc99305d24695
SSDEEP

6144:oTt/t72XtcLvmssPOLkweQ9epXN1YRxFE3eI3KD8Uae:m/t7ussPOiQ9epoR/XI3K9

Score

N/A

Malware Config

Signatures

Files

dabfac957bb75f6ef1e2ddf410ab919a109d7e9d4174b6dc30b0635b46917671
.exe windows x86

f53c0b521e08117427684f41e9056358

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
lstrcmpiW
LockResource
FindResourceExW
InitializeCriticalSection
GetLastError
lstrlenW
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
RaiseException
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
GetCommandLineW
GetModuleFileNameW
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
CreateFileW
DeviceIoControl
CloseHandle
GetCurrentProcessId
LoadLibraryW
GetProcAddress
CreateFileA
SystemTimeToFileTime
GetSystemTimeAsFileTime
LocalFileTimeToFileTime
SetFilePointerEx
WriteFile
ReadFile
GetFileSizeEx
OutputDebugStringW
FormatMessageW
SetLastError
LocalFree
GetSystemTime
CreateMutexW
TlsGetValue
WaitForSingleObject
TlsSetValue
GetAtomNameW
OpenThread
AddAtomW
ReleaseMutex
TlsAlloc
FindAtomW
DeleteAtom
TlsFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
GetStartupInfoW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapCreate
VirtualFree
VirtualAlloc
Sleep
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
LCMapStringA
WideCharToMultiByte
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

CharNextW
DestroyWindow

advapi32

RegCloseKey
RegQueryValueExA
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegQueryValueExW

shell32

ShellExecuteW

ole32

CoInitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoUninitialize

oleaut32

VarUI4FromStr

shlwapi

PathAppendW
PathFileExistsW
SHGetValueW
StrCmpNIW
PathCombineW

Sections

.text
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f53c0b521e08117427684f41e9056358

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 126KB - Virtual size: 126KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 7KB - Virtual size: 17KB

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 77KB - Virtual size: 80KB

.text
Size: 126KB - Virtual size: 126KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 7KB - Virtual size: 17KB

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 77KB - Virtual size: 80KB