437de9ba0b03e5b41d0293a68d4fffa5388e10d6074a7ad73b7dc82d7bd51393

Sharing

Copy URL Twitter E-mail

General

Target

437de9ba0b03e5b41d0293a68d4fffa5388e10d6074a7ad73b7dc82d7bd51393
Size

60KB
MD5

0000154ed4aca09bc02967aa2c729992
SHA1

a98daff047dc5149462eb6c48fbdae9086d71615
SHA256

437de9ba0b03e5b41d0293a68d4fffa5388e10d6074a7ad73b7dc82d7bd51393
SHA512

209e00f46530b484296ebeb471f1a62d0ceb6ef46b640a2f53250cce80dd990b6a9d61d3fc3e7450cac4d1952c86c091131ef9e4b7441ad8faccbb4a273b77f1
SSDEEP

1536:zySYG5H8FMC7si73NrNUbtcToXZ+TcxvJP8b7mn:zZcdrybe6Z+TcxvJ0+n

Score

N/A

Malware Config

Signatures

Files

437de9ba0b03e5b41d0293a68d4fffa5388e10d6074a7ad73b7dc82d7bd51393
.exe windows x86

5ff29837cd8d876a5ccb4877e3326276

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegSetKeySecurity
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegEnumKeyA
RegSetValueExW
RegDeleteKeyA
RegOpenKeyA

kernel32

WriteFile
SetFilePointer
CreateFileA
lstrcatA
lstrcpynA
GetEnvironmentVariableA
lstrcpyA
GetFileAttributesA
MoveFileExA
lstrcmpA
GetLastError
WaitForSingleObject
CreateProcessA
FreeLibrary
GetProcAddress
LoadLibraryA
ExpandEnvironmentStringsA
CreateDirectoryA
MoveFileA
DeleteFileA
SetFileAttributesA
SetEnvironmentVariableA
GetSystemDirectoryA
GetCurrentDirectoryA
GetCommandLineA
lstrlenW
lstrcpynW
lstrcatW
lstrcpyW
lstrcmpiA
GetModuleHandleA
GetStartupInfoA
GetVersionExA
ExitProcess
GetStdHandle
CloseHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
HeapAlloc
HeapReAlloc
HeapSize
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
VirtualProtect
GetSystemInfo
VirtualQuery
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
ReadFile
LCMapStringA
LCMapStringW
RtlUnwind
GetLocaleInfoA
SetEndOfFile
GetProcessHeap
GetModuleFileNameA
lstrlenA
MultiByteToWideChar

gdi32

TextOutA

user32

LoadKeyboardLayoutA
wsprintfA
ReleaseDC
wvsprintfA
GetDC
SystemParametersInfoA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

XOR
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5ff29837cd8d876a5ccb4877e3326276

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

ole32

version

Sections

.text Size: 53KB - Virtual size: 53KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 1KB - Virtual size: 1KB

XOR Size: 2KB - Virtual size: 2KB

.text
Size: 53KB - Virtual size: 53KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 1KB - Virtual size: 1KB

XOR
Size: 2KB - Virtual size: 2KB