97683deec54f82375bd1977dd40b45edbac59bfadddbb98c251701e6d70624ed

General

Target

97683deec54f82375bd1977dd40b45edbac59bfadddbb98c251701e6d70624ed
Size

273KB
MD5

7636ccfb1731f578c8dfc10f15a3b680
SHA1

bd07c8d063eb9a6312ab464bd2ef07c286f0d54a
SHA256

97683deec54f82375bd1977dd40b45edbac59bfadddbb98c251701e6d70624ed
SHA512

8cdeabc4fe086b27b9a624415fa632039563a0985670e779aac4c410dec7ddc7e5606598654075f228f6b07fa677bcdb2150a9d0bdfc7e0b605b8ebeb0e61c40
SSDEEP

6144:xvUECkQYLoeFVvKq4dO9TG5a55vFMAiLAx5gYy/9WHxo9YRfK:x5LbFxHcGTmaHveLpYyl00YFK

Score

N/A

Malware Config

Signatures

Files

97683deec54f82375bd1977dd40b45edbac59bfadddbb98c251701e6d70624ed
.exe windows x86

3f30ca30cb6ca4021b6ee34978196503

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strncmp
_splitpath
wcslen
strncpy
vprintf
_strupr
fopen
_iob
rand
_fullpath
fclose
memmove
sprintf
printf
fprintf
fflush
isprint
_stricmp
_makepath
_itoa
_strnicmp
toupper

kernel32

CreateSemaphoreA
GetDiskFreeSpaceA
GetExitCodeThread
DeleteCriticalSection
GlobalAlloc
GetModuleFileNameA
GetCurrentProcessId
CreateFileA
WaitForSingleObjectEx
WriteFile
WaitForMultipleObjects
CreateDirectoryA
CreateMutexA
LoadLibraryW
GlobalFindAtomA
OpenSemaphoreA
CreateEventA
WriteFileEx
GlobalFree
ExpandEnvironmentStringsA
lstrcmpA
GetLastError
SetFilePointer
VirtualFree
RemoveDirectoryA
ReleaseSemaphore
lstrcpyA
MapViewOfFile
FreeLibrary
FindNextFileA
OpenEventA
InterlockedIncrement
GetModuleHandleA
OpenMutexA
ReleaseMutex
ReadFile
GetTickCount
UnmapViewOfFile
WaitForSingleObject
OpenFileMappingA
ReadFileEx
GetSystemInfo
FindFirstFileA
InterlockedDecrement
CompareStringW
lstrlenA
CloseHandle
LocalAlloc
GetProcAddress
EnterCriticalSection
SetEvent
SetThreadPriority
GetUserDefaultLangID
ResetEvent
SetEndOfFile
LCMapStringW
GetFileSize
GetFileAttributesA
LeaveCriticalSection
FindClose
CreateThread

advapi32

DeregisterEventSource
RegDeleteKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
GetLengthSid
RegCreateKeyExA
FreeSid
InitializeAcl
ReportEventA
SetSecurityDescriptorDacl
RegDeleteValueA
AllocateAndInitializeSid
RegSetValueExA
RegisterEventSourceA

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f30ca30cb6ca4021b6ee34978196503

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

Sections

.text Size: 147KB - Virtual size: 146KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 73KB - Virtual size: 73KB

.rsrc Size: 43KB - Virtual size: 42KB

.text
Size: 147KB - Virtual size: 146KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 73KB - Virtual size: 73KB

.rsrc
Size: 43KB - Virtual size: 42KB