485cec7e883ddd84216b838dc5b9aee71fbe2238e6fda166a8955a6e7cd7e9dd

Sharing

Copy URL Twitter E-mail

General

Target

485cec7e883ddd84216b838dc5b9aee71fbe2238e6fda166a8955a6e7cd7e9dd
Size

168KB
MD5

9691d762b99f0cbc23fac8389c743bb0
SHA1

c688b32e21531ad52f5c15b85db8e1cb91f08e20
SHA256

485cec7e883ddd84216b838dc5b9aee71fbe2238e6fda166a8955a6e7cd7e9dd
SHA512

9852ebd062abbcce870d37d39f14cd13a0c6396c41059ff8231badd23b53133924c93f043fd63efafba17eb6bfd76634f635549273cd336dce93ca150a3bc7d1
SSDEEP

1536:JmCA35baHKg23Asn6Pn+v+xH4bB7q3F5tQBh6JUEPrzZS6mQcbWQwlxa:BA35bxAC2RGV7WF5tQBh6Jlp6WQwlg

Score

N/A

Malware Config

Signatures

Files

485cec7e883ddd84216b838dc5b9aee71fbe2238e6fda166a8955a6e7cd7e9dd
.exe windows x86

8318c9ffb191a574eefb4e2167984159

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegCloseKey

psapi

GetModuleBaseNameW
EnumProcesses
EnumProcessModules

shell32

SHGetFolderPathW
CommandLineToArgvW

shlwapi

PathFileExistsW

user32

BeginPaint
DispatchMessageW
PeekMessageW
RegisterDeviceNotificationW
PostQuitMessage
TranslateMessage
CreateWindowExW
TranslateAcceleratorW
EndPaint
LoadCursorW
LoadIconW
DefWindowProcW
RegisterClassExW
LoadStringW
LoadAcceleratorsW
wsprintfW

kernel32

FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
HeapSize
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
SetFilePointer
CloseHandle
GetCommandLineW
Sleep
WaitForSingleObject
GetFileSize
CreateMutexW
CreateFileW
CopyFileW
lstrlenW
CreateProcessW
OpenProcess
UpdateResourceW
FindNextFileW
FindFirstFileW
FindResourceW
FreeLibrary
DeleteFileW
LoadResource
EndUpdateResourceW
LoadLibraryW
SizeofResource
GetLastError
BeginUpdateResourceW
FindClose
LockResource
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
HeapReAlloc
RtlUnwind

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8318c9ffb191a574eefb4e2167984159

Headers

File Characteristics

Imports

advapi32

psapi

shell32

shlwapi

user32

kernel32

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 100KB - Virtual size: 100KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 100KB - Virtual size: 100KB