20bcf445d5ea4b79d5ba1d8d1d0828d48c6423fe8b7904264485e512aaaf5ad8

General

Target

20bcf445d5ea4b79d5ba1d8d1d0828d48c6423fe8b7904264485e512aaaf5ad8
Size

409KB
MD5

9621efa4a562aa1c9dc3fd8ea19247e0
SHA1

954614abbc31a2f1cb550eee61deda4b1da6b08b
SHA256

20bcf445d5ea4b79d5ba1d8d1d0828d48c6423fe8b7904264485e512aaaf5ad8
SHA512

1c96b850ff5452367147bf7689409111902b00ec78ea8929e3c3d9b1699b0085123e49baf9c3e026bc447081dc4fb0a42a51c21d713ec91eb525b3675b11049c
SSDEEP

12288:uG0s5bNMpN8Tc0uqky+zPxMQ3CXxX+8Df:uGJMpaTcpDPCQyhXXf

Score

N/A

Malware Config

Signatures

Files

20bcf445d5ea4b79d5ba1d8d1d0828d48c6423fe8b7904264485e512aaaf5ad8
.exe windows x86

6e009c790131dd1ff5a6e05db3df6c4a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
GetStringTypeA
CreateEventA
CreateDirectoryW
GlobalFlags
VirtualProtectEx
GetFileAttributesW
SetLastError
GetStdHandle
GetCurrentProcess
DeviceIoControl
GetPrivateProfileSectionA
FindClose
GlobalLock
RemoveDirectoryA
GetPrivateProfileIntA
GetVersionExA
GetCurrentThread
GetFileAttributesW
HeapFree
GetModuleHandleA

shell32

SHFree
StrChrA
DuplicateIcon
ExtractIconA
SHGetSettings
DragAcceptFiles
DragQueryFileA
SHGetDiskFreeSpaceA
ShellMessageBoxA
DragFinish
SHGetMalloc
DllUnregisterServer
ShellAboutA

ntmarta

AccConvertSDToAccess
AccConvertAclToAccess
AccFreeIndexArray
AccGetExplicitEntries

uxtheme

CloseThemeData

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 400KB - Virtual size: 872KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e009c790131dd1ff5a6e05db3df6c4a

Headers

File Characteristics

Imports

kernel32

shell32

ntmarta

uxtheme

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 3KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 512B

.rsrc Size: 400KB - Virtual size: 872KB

.import Size: 512B - Virtual size: 372B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 3KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 512B

.rsrc
Size: 400KB - Virtual size: 872KB

.import
Size: 512B - Virtual size: 372B