acaa17b4708d9b040026dd70d775df7111deac46dfaed5b12fbe9a73b4dff0bf

Sharing

Copy URL Twitter E-mail

General

Target

acaa17b4708d9b040026dd70d775df7111deac46dfaed5b12fbe9a73b4dff0bf
Size

217KB
MD5

78c7a685289434fd4383858ba18279f0
SHA1

5c5d25f4508aa08cd0c84403aafae1e08701ab7b
SHA256

acaa17b4708d9b040026dd70d775df7111deac46dfaed5b12fbe9a73b4dff0bf
SHA512

727da11a47430aa0de2a2a5571bdccec156536981cbf16bcfb9f79f2aa57c0ce50f002a90807bd19b0aaf73d176a6e7c7efac8ffc8a1ac219365878b3c40b660
SSDEEP

3072:JTiC6zu60EPfsPfG2ilT1VpdsBsBJffcT1ERxvf77ajJVyEJXVYJe4h:Jf6zu6PPfsPfgTJffK1EzvajJVyow

Score

N/A

Malware Config

Signatures

Files

acaa17b4708d9b040026dd70d775df7111deac46dfaed5b12fbe9a73b4dff0bf
.exe windows x86

c86ce6969bb997746f5a975cb79a04f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

netwin32

ord1001
ord1033
ord1021
ord1071
ord1005
ord1002
ord1006
ord1160
ord1044
ord1014
ord1011
ord1030
ord1028
ord1008
ord1013
ord1022
ord1007
ord1003
ord1004
ord3028
ord1015
ord1017
ord1024
ord3029
ord1023

nnotes

ord8594
ord707
ord13
ord11
ord227
ord203
ord199
ord193
ord235
ord201

kernel32

CloseHandle
SetStdHandle
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapSize
GetStringTypeW
GetStringTypeA
GetSystemInfo
VirtualProtect
GetLocaleInfoA
FlushFileBuffers
SetFilePointer
VirtualQuery
InterlockedExchange
RtlUnwind
InitializeCriticalSection
GetCPInfo
GetOEMCP
GetACP
LoadLibraryA
HeapReAlloc
GetVersionExA
GetModuleHandleA
GetCommandLineA
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetProcAddress
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsAlloc
SetLastError
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
MultiByteToWideChar
LCMapStringW
VirtualAlloc

advapi32

RegOpenKeyExA
RegSetValueExA

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

whftgrq
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 144KB - Virtual size: 142KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c86ce6969bb997746f5a975cb79a04f4

Headers

File Characteristics

Imports

netwin32

nnotes

kernel32

advapi32

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 8KB - Virtual size: 6KB

whftgrq Size: 8KB - Virtual size: 4KB

Size: 144KB - Virtual size: 142KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 8KB - Virtual size: 6KB

whftgrq
Size: 8KB - Virtual size: 4KB