884ca2502fb2b5e5ca2c0c273c9db4dd2d47a6fec0233e239c81229ef74149e5

Sharing

Copy URL Twitter E-mail

General

Target

884ca2502fb2b5e5ca2c0c273c9db4dd2d47a6fec0233e239c81229ef74149e5
Size

153KB
MD5

1407d74450421161e1a17f8681ac7381
SHA1

38fe5c04cab8f138e50ee6487b8e381b0f4fdb82
SHA256

884ca2502fb2b5e5ca2c0c273c9db4dd2d47a6fec0233e239c81229ef74149e5
SHA512

5e9635991cecd43efb9ca5906d7718f895d3e0b308a6ad7e6e283b6ab1bd1be1ab2364b1cdf04dd153f2c8a8d67b2e4f909c59705d59e7f7d1b22a968ce6242d
SSDEEP

3072:qbE0RHEeApsGvX4qcKaMcd0vg+CMBjUXRV1dr1NN7xnQ:b0RHEeDGv46nijjG

Score

N/A

Malware Config

Signatures

Files

884ca2502fb2b5e5ca2c0c273c9db4dd2d47a6fec0233e239c81229ef74149e5
.exe windows x86

98037e7beb720aa6c8877b53404212a0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
GetEnvironmentVariableW
ExpandEnvironmentStringsW
CreateFileW
GetShortPathNameW
WriteFile
CloseHandle
Sleep
CreateThread
GetStartupInfoW
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
LoadResource
LockResource
SizeofResource
lstrcpyW
lstrcatW
GetStartupInfoA
FindResourceA
GlobalLock
GlobalUnlock
GlobalAlloc
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
GetFileAttributesW
VirtualAlloc
VirtualFree
GetModuleHandleW
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
GetLastError
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
HeapSize
IsDebuggerPresent
IsProcessorFeaturePresent
GetCurrentThreadId
SetLastError
GetStdHandle
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetFileType
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
HeapReAlloc
RtlUnwind
LCMapStringW
OutputDebugStringW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
GetStringTypeW
SetStdHandle
WriteConsoleW
FlushFileBuffers
GetCurrentProcessId
lstrcpynW
GetWindowsDirectoryW
GetProcessHeap
HeapFree
HeapAlloc
RaiseException
GetVolumeInformationW

user32

GetSystemMetrics
GetParent
SetParent
OpenClipboard
CloseClipboard
GetClipboardData
EmptyClipboard
SetForegroundWindow
SetWindowPos
GetClassNameW
GetLastActivePopup
BringWindowToTop
SetClipboardData
SetActiveWindow
BlockInput
SendInput
MapVirtualKeyA
PostMessageA
GetWindowTextW
CloseDesktop
wsprintfW
EnumDesktopWindows
OpenInputDesktop
CreateDesktopA
GetDesktopWindow
GetSysColor
GetForegroundWindow
GetMessageTime

ole32

CoUninitialize
CoInitializeEx
CoInitializeSecurity

iphlpapi

GetAdaptersInfo

advapi32

RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegDeleteKeyExA

shell32

ShellExecuteW
CommandLineToArgvW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98037e7beb720aa6c8877b53404212a0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

iphlpapi

advapi32

shell32

version

Sections

.text Size: 111KB - Virtual size: 110KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 4KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 111KB - Virtual size: 110KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 4KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 9KB - Virtual size: 8KB