2f7ec7876d32140d1d9922e8da123562420520f5f62c7f8243e6d6ec0613aca7

Sharing

Copy URL Twitter E-mail

General

Target

2f7ec7876d32140d1d9922e8da123562420520f5f62c7f8243e6d6ec0613aca7
Size

188KB
MD5

52418dc91f344cdac319ed51196638e9
SHA1

e662dba67796b75e4d2fd5eea9c0537783926153
SHA256

2f7ec7876d32140d1d9922e8da123562420520f5f62c7f8243e6d6ec0613aca7
SHA512

2ad0bd92489dff8894efc868c89d95aa78eb813c2cee888356ac143fa70f51bfc10d6118449d84a939a2fe609338eaa1dc754ba377d44a9737c1a42ed48813c6
SSDEEP

3072:+a57I+HD/ZgLW6d+1rCyoQs67uzhWIAIj1q2huxenqfmGzK2qayol2GexJ:+LA/ZKRJq2yrfmDaX29xJ

Score

N/A

Malware Config

Signatures

Files

2f7ec7876d32140d1d9922e8da123562420520f5f62c7f8243e6d6ec0613aca7
.exe windows x86

0b06289a60489699b9b1e2e6f38a49a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
DeleteFileA
GetModuleFileNameA
CreateDirectoryA
GetDiskFreeSpaceA
GetVolumeInformationA
SystemTimeToFileTime
GetSystemTime
GetDriveTypeA
Sleep
GetWindowsDirectoryA
GetLastError
CreateMutexA
CompareFileTime
GetPrivateProfileStringA
ResumeThread
CreateThread
ReleaseMutex
CreateProcessA
GetTempPathA
RemoveDirectoryA
CopyFileA
GetComputerNameA
GetFileSize
GetLocalTime
WaitForSingleObject
GetFileTime
WritePrivateProfileStringA
FileTimeToSystemTime
WriteFile
SetFilePointer
TerminateProcess
OpenProcess
GetCurrentProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
GetVersionExA
FindFirstFileA
FindNextFileA
FindClose
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
GetFileAttributesA
SetFileAttributesA
CreateFileA
GetFileInformationByHandle
CloseHandle
FileTimeToLocalFileTime
FileTimeToDosDateTime
DeviceIoControl
IsValidCodePage
IsValidLocale
HeapAlloc
HeapFree
GetFileType
ReadFile
RtlUnwind
RaiseException
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetEndOfFile
SetHandleCount
GetStdHandle
SetStdHandle
HeapSize
SetUnhandledExceptionFilter
GetProcAddress
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
IsBadReadPtr
IsBadCodePtr
FlushFileBuffers
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LoadLibraryA
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW

advapi32

RegSetValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegOpenKeyExA

shell32

CommandLineToArgvW
ShellExecuteA

cabinet

FCICreate
FCIAddFile
FCIFlushCabinet
FCIDestroy

psapi

EnumProcessModules
GetModuleFileNameExA

Sections

.text
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 48KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0b06289a60489699b9b1e2e6f38a49a7

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

cabinet

psapi

Sections

.text Size: 120KB - Virtual size: 116KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 48KB - Virtual size: 128KB

.text
Size: 120KB - Virtual size: 116KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 48KB - Virtual size: 128KB