d07de3b8281ecd8c892f9db7cd0c85d625c1ba9f99c993d5d86995911116688e

Sharing

Copy URL Twitter E-mail

General

Target

d07de3b8281ecd8c892f9db7cd0c85d625c1ba9f99c993d5d86995911116688e
Size

163KB
MD5

0aaf88e9d8b8546a79c10121f39ca350
SHA1

8d3eaafa980b3d78153280b671a23b6d15b29d10
SHA256

d07de3b8281ecd8c892f9db7cd0c85d625c1ba9f99c993d5d86995911116688e
SHA512

0e58d5ff115d115f0de84c546b606fa5ee17d6cabed55aca98dbe0747903eceed2b378eb3e118adc82b12a61e73dc2489ab715a49c9378df1ca08ed61cb4aaa6
SSDEEP

3072:babYMuIbeGzlRdeHtUASwtHh/taw5Mgcmvlw/f3VoCW2hyWrKv0LiVd2VKA:cSIbHBoLS/gc2aQ2k4itA

Score

N/A

Malware Config

Signatures

Files

d07de3b8281ecd8c892f9db7cd0c85d625c1ba9f99c993d5d86995911116688e
.exe windows x86

64b11ae911e313694d9995a8b139aa47

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

CreateDirectoryW
CreateFileW
WriteFile
GetFileSize
SetFilePointer
SetEndOfFile
CloseHandle
WaitForSingleObject
GetFullPathNameW
Sleep
CopyFileW
DeleteFileW
MoveFileW
CreateFileA
WriteConsoleW
CreateProcessW
FlushFileBuffers
CompareStringA
CompareStringW
GetFileAttributesW
GetOEMCP
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
RtlUnwind
GetLocaleInfoA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetSystemTimeAsFileTime
GetProcAddress
GetModuleHandleA
ExitProcess
GetVersionExA
GetStartupInfoW
GetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WideCharToMultiByte
GetTimeZoneInformation
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
SetEnvironmentVariableA
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetStdHandle
GetModuleFileNameA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSection
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
RaiseException
VirtualAlloc
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

GetDesktopWindow

advapi32

RegCreateKeyW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW

shell32

SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
SHFileOperationW
SHCreateDirectoryExW
SHGetPathFromIDListW

shlwapi

PathFileExistsW

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

64b11ae911e313694d9995a8b139aa47

Headers

File Characteristics

Imports

version

kernel32

user32

advapi32

shell32

shlwapi

Sections

.text Size: 60KB - Virtual size: 60KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 77KB - Virtual size: 80KB

.text
Size: 60KB - Virtual size: 60KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 77KB - Virtual size: 80KB