870f6c16fd0dc6d257bc80e791db9dacf6507d3e34e456a72cfdb5ed3b0870f5

Sharing

Copy URL Twitter E-mail

General

Target

870f6c16fd0dc6d257bc80e791db9dacf6507d3e34e456a72cfdb5ed3b0870f5
Size

129KB
MD5

80451a3c7eb7ad4011564ecbce7835bf
SHA1

3678528e745fc92681d9e715b5c64593c9f12f21
SHA256

870f6c16fd0dc6d257bc80e791db9dacf6507d3e34e456a72cfdb5ed3b0870f5
SHA512

50170ea990e4f2698a9debf606d8abc60e67d488fe24f5eeb14c0eaf602bca846b3ada85d3c6cd0b0753e914d376085e9489ed814a643044f5ddb3e4030101f5
SSDEEP

3072:HXACt/c/d5fa/PKcH9MPlbo5sGOWtZiEu6G751+qjd:HXACt/cX+PClcFO4ZiExQ1+q

Score

N/A

Malware Config

Signatures

Files

870f6c16fd0dc6d257bc80e791db9dacf6507d3e34e456a72cfdb5ed3b0870f5
.exe windows x86

6dcbed7755df563b14b8a0156232ead0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
AllocateAndInitializeSid
EqualSid
FreeSid
GetTokenInformation
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyExA
RegDeleteValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA

gdi32

GetDeviceCaps

user32

wsprintfA
ShowWindow
SetWindowTextA
SetWindowPos
SetWindowLongA
SetForegroundWindow
SetDlgItemTextA
SendMessageA
SendDlgItemMessageA
ReleaseDC
PeekMessageA
MsgWaitForMultipleObjects
MessageBoxA
MessageBeep
LoadStringA
GetWindowRect
GetWindowLongA
GetDlgItemTextA
GetDlgItem
GetDesktopWindow
GetDC
ExitWindowsEx
EndDialog
EnableWindow
DispatchMessageA
DialogBoxIndirectParamA
CharUpperA
CharPrevA
CharNextA
CallWindowProcA

kernel32

lstrlenA
lstrcpynA
lstrcpyA
lstrcmpiA
lstrcmpA
lstrcatA
_lopen
_llseek
_lclose
WritePrivateProfileStringA
WriteFile
WaitForSingleObject
VirtualProtectEx
VirtualFree
VirtualAlloc
Toolhelp32ReadProcessMemory
TerminateThread
TerminateJobObject
SizeofResource
SetThreadPriority
SetProcessPriorityBoost
SetFileTime
SetFilePointer
SetFileApisToANSI
SetEvent
SetCurrentDirectoryA
RtlUnwind
ResetEvent
RemoveDirectoryA
ReadFile
ReadConsoleOutputAttribute
AllocConsole
CloseHandle
CreateDirectoryA
CreateEventA
CreateFileA
CreateProcessA
CreateThread
DeleteFileA
DeleteTimerQueueEx
ExitProcess
ExpandEnvironmentStringsA
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FormatMessageA
FreeLibrary
FreeResource
GetACP
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetDiskFreeSpaceA
GetDriveTypeA
GetExitCodeProcess
GetFileTime
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetNamedPipeInfo
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetProcessShutdownParameters
GetShortPathNameA
GetStartupInfoA
GetSystemDirectoryA
GetSystemInfo
GetTempFileNameA
GetTempPathA
GetVersion
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
Heap32ListFirst
IsProcessorFeaturePresent
LoadLibraryA
LoadLibraryExA
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LocalHandle
LockResource
MulDiv

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 377B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6dcbed7755df563b14b8a0156232ead0

Headers

File Characteristics

Imports

advapi32

gdi32

user32

kernel32

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 19KB - Virtual size: 19KB

.rsrc Size: 512B - Virtual size: 377B

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 512B - Virtual size: 377B