0a212b35c0158ff29448e758c1fa31ccad0894b51df489c5c8aa03c3879faf7b

Sharing

Copy URL Twitter E-mail

General

Target

0a212b35c0158ff29448e758c1fa31ccad0894b51df489c5c8aa03c3879faf7b
Size

60KB
MD5

0fcffb933d2bc68919298437295932bc
SHA1

a6e4dbd445781c30ea9d904f87b3bbede09a3abd
SHA256

0a212b35c0158ff29448e758c1fa31ccad0894b51df489c5c8aa03c3879faf7b
SHA512

f999544cc1a6de77c809f140041c5d3f802cdd8451db633c6fc4f6831ae79f31906b587219f86e13366c9d1d2926e3f3af95b33d6d798fcb2e1c8bfecc2ce189
SSDEEP

1536:tBAWODLjIUrqCnITp7a7gKLhJcg5Azrd6r:jAWOrrqCITp7KgKLrcg5tr

Score

N/A

Malware Config

Signatures

Files

0a212b35c0158ff29448e758c1fa31ccad0894b51df489c5c8aa03c3879faf7b
.exe windows x86

a7ee5cd3e4747acbe8a4999a47a1fb85

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegQueryValueExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyA

kernel32

lstrcmpiA
lstrlenA
lstrcpynA
lstrlenW
FreeLibrary
SizeofResource
GetLastError
LoadResource
FindResourceA
LoadLibraryExA
CloseHandle
MultiByteToWideChar
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
GetCurrentThreadId
GetModuleFileNameA
GetModuleHandleA
GetCurrentProcess
WaitForSingleObject
lstrcpyA
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
lstrcatA
GetCPInfo
GetProcAddress
LoadLibraryA
InterlockedDecrement
OpenProcess
OpenEventA
CreateEventA
GetVersionExA
GetCommandLineA
SetEvent
HeapCreate
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
ExitProcess
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
VirtualAlloc
WriteFile
VirtualFree
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetVersion

user32

RegisterClassA
DestroyWindow
FindWindowA
GetWindowThreadProcessId
DefWindowProcA
CreateWindowExA
PeekMessageA
MsgWaitForMultipleObjects
DispatchMessageA
CharNextA

ole32

CoInitialize
CoUninitialize
CoCreateInstance
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

LoadRegTypeLi
SetErrorInfo
RegisterTypeLi
LoadTypeLi
GetActiveObject
VarI4FromStr

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a7ee5cd3e4747acbe8a4999a47a1fb85

Headers

File Characteristics

Imports

advapi32

kernel32

user32

ole32

oleaut32

Sections

.text Size: 37KB - Virtual size: 37KB

.data Size: 11KB - Virtual size: 12KB

.rsrc Size: 9KB - Virtual size: 12KB

.text
Size: 37KB - Virtual size: 37KB

.data
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 9KB - Virtual size: 12KB