d902568435d6bc723bcb39eeeb61a3e9b6a70510614711ed71ddc9d13cbff2d8

Sharing

Copy URL Twitter E-mail

General

Target

d902568435d6bc723bcb39eeeb61a3e9b6a70510614711ed71ddc9d13cbff2d8
Size

136KB
MD5

0c0d17d10819381d011b3941fae1ce41
SHA1

464516b06496fe62c78319227e273aeacb145237
SHA256

d902568435d6bc723bcb39eeeb61a3e9b6a70510614711ed71ddc9d13cbff2d8
SHA512

cfd4fb0b1ebbacd04ec2b615d3bf2e6635d7227275dabdf017def9e52f776870e9b5905ef2352fbcd17f299c4bd0bcbaf20935d313367dbd23ac93bfd234709f
SSDEEP

3072:zLwS88LbwPPAcTbX1cCQSHTat+mCh71/LFWl+v:zLw3+b2PSI2urLUlI

Score

N/A

Malware Config

Signatures

Files

d902568435d6bc723bcb39eeeb61a3e9b6a70510614711ed71ddc9d13cbff2d8
.exe windows x86

37990eee48e931ba563d0bb570473074

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
WaitForMultipleObjects
GetModuleFileNameW
CreateThread
CreateEventW
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
Sleep
OpenThread
GetCommandLineW
GetCurrentThreadId
CloseHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
WideCharToMultiByte
IsValidCodePage
GetOEMCP
GetCPInfo
LoadLibraryA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetEvent
lstrcmpiW
InterlockedDecrement
GetLastError
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenW
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapAlloc
HeapFree
RtlUnwind
HeapReAlloc
GetProcessHeap
GetStartupInfoW
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount

user32

CharNextW
PostThreadMessageW
DispatchMessageW
GetMessageW
UnregisterClassA

ole32

CoCreateInstance
CoTaskMemFree
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemRealloc
CoTaskMemAlloc
StringFromGUID2
CoInitialize
CreateClassMoniker
GetRunningObjectTable
CoUninitialize

oleaut32

LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yrdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

37990eee48e931ba563d0bb570473074

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

advapi32

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 24KB - Virtual size: 20KB

.yrdata Size: 28KB - Virtual size: 28KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 24KB - Virtual size: 20KB

.yrdata
Size: 28KB - Virtual size: 28KB