aca5af779f5fa306d04d9b9460208804b38d5ccaca954b63483281c716baec81

Sharing

Copy URL Twitter E-mail

General

Target

aca5af779f5fa306d04d9b9460208804b38d5ccaca954b63483281c716baec81
Size

264KB
MD5

0c9456a6b5bdff123609f1fb6d4ee9d0
SHA1

64cf28caff973c5c763c5dca8f31ea8b0d391cfb
SHA256

aca5af779f5fa306d04d9b9460208804b38d5ccaca954b63483281c716baec81
SHA512

9f5966a3719f095060d9adecffb3e0eddb20bc6346fa9672f5c1499ed3a7ce578c9107234ac5631857e32c2c5f73fbec09b05770d63d593fc01f0fcc18910f4e
SSDEEP

6144:mmnx634Mwr/aShMQYgAhhQV98CbRMibdVJh980:144MwDBMQkhz8p8

Score

N/A

Malware Config

Signatures

Files

aca5af779f5fa306d04d9b9460208804b38d5ccaca954b63483281c716baec81
.exe windows x86

8e71a2149aebb435b5456119f35ac4eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

RegisterTypeLi

kernel32

Sleep
EnterCriticalSection
GlobalDeleteAtom
GetComputerNameW
InterlockedCompareExchange
GetSystemDirectoryA
GetWindowsDirectoryW
FindFirstFileW
IsDebuggerPresent
FindNextFileA
RemoveDirectoryA
CreateTimerQueue
GlobalFlags
CreateFileW
SuspendThread
GetSystemTime
IsBadCodePtr
LockResource
lstrcmpA
GetDriveTypeA
GetDriveTypeW
TransactNamedPipe
SetStdHandle
GetLocaleInfoW
FileTimeToSystemTime
GlobalMemoryStatus
GetACP
LoadLibraryW
SetThreadExecutionState
GetExitCodeProcess
GetExitCodeThread
GetTempPathW
GetOverlappedResult
GetFileAttributesExW
GetStartupInfoW
FlushInstructionCache
GetLogicalDrives
GetFileType
FindResourceW
FormatMessageA
lstrlenA
VirtualAlloc
VirtualQueryEx
GetStartupInfoA
GetModuleHandleA

advapi32

DeleteService
RegisterEventSourceW
CopySid
InitializeAcl
CreateProcessAsUserW
InitializeSid
CloseServiceHandle
ConvertStringSecurityDescriptorToSecurityDescriptorA
GetSecurityDescriptorSacl
LookupPrivilegeValueW
IsValidSecurityDescriptor

user32

CharUpperW
InsertMenuA
GetDlgItemTextA
GetClassLongA
SetActiveWindow
LoadImageW
GetMenuStringA
IsRectEmpty
FlashWindow
CreateDialogParamW
GetClassInfoExW
CharNextW
CharPrevA
GetDlgCtrlID
ReplyMessage
SendDlgItemMessageA
wsprintfW
SetWindowPos
MessageBoxW
DdeUnaccessData
FindWindowA
LoadAcceleratorsA
SendDlgItemMessageW
TrackPopupMenuEx
EndDeferWindowPos
DdeClientTransaction
CharUpperA
CreateWindowExA
GetKeyNameTextA
GetWindowTextLengthA
SetCaretPos
IsClipboardFormatAvailable
SetScrollRange
TabbedTextOutA
DdeUninitialize
BroadcastSystemMessageA
DrawFocusRect

msvcrt

strchr
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_wcslwr
wcstok
_wcsnicmp
longjmp
localtime
_wcsdup
_controlfp
realloc
tolower
wcschr
exit
wcstol
rand
_purecall
memmove
malloc
iswalnum
_wtoi64
floor
free
_wcsupr
fread
isdigit
wcscspn
isspace
_c_exit
_beginthreadex
_wtoi
strrchr
_wsplitpath
strncpy
_stricmp
_ltow
_strnicmp
_iob
fclose
_itoa
wcslen
strncmp
atoi
qsort
_vsnprintf
_ismbblead
atof
_cexit
iswspace
_snwprintf
_exit
atol
towlower
_mbsrchr
toupper

Sections

.text
Size: 216KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 632B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e71a2149aebb435b5456119f35ac4eb

Headers

File Characteristics

Imports

oleaut32

kernel32

advapi32

user32

msvcrt

Sections

.text Size: 216KB - Virtual size: 213KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 16KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 632B

.text
Size: 216KB - Virtual size: 213KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 632B