32909e329d37f39c2beaa2ab403f75568ab5619a15fa2004b1a49cafc0ec221d

Sharing

Copy URL Twitter E-mail

General

Target

32909e329d37f39c2beaa2ab403f75568ab5619a15fa2004b1a49cafc0ec221d
Size

399KB
MD5

0ba9b4975ceac5017efca20972f7f2e0
SHA1

57325e0e1e1022c34a42a0a47d3c70ac97a23cb6
SHA256

32909e329d37f39c2beaa2ab403f75568ab5619a15fa2004b1a49cafc0ec221d
SHA512

37a10a04af080da7e3453a96905bad9f923da9fb18059ddac338470186deb2658df38064e85d1cdd9b0b0658678f78e03b94c862037848299359ce44b8d62617
SSDEEP

6144:GFXENxoaDLInpbG/2NowtsKwuAGN0irWCnPk:GxE0aDLInjtt/N0kWY

Score

N/A

Malware Config

Signatures

Files

32909e329d37f39c2beaa2ab403f75568ab5619a15fa2004b1a49cafc0ec221d
.exe windows x86

8d30e6fa70487d8c6f9f90292c14d146

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
GetTickCount
QueryPerformanceCounter
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentThreadId
GetStartupInfoA
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
ExpandEnvironmentStringsW
GetSystemWindowsDirectoryW
lstrlenW
GetModuleHandleA
EnterCriticalSection
LoadLibraryExA
SetEvent
GetTempFileNameW
GetTempPathW
UnmapViewOfFile
GetModuleHandleW
CloseHandle
CreateProcessW
GetModuleFileNameW
GetLastError
SetLastError
DeleteCriticalSection
lstrcpynW
CreateFileW
GetCommandLineW
InitializeCriticalSection
CreateFileA
GlobalAlloc
LocalAlloc
GetProcAddress

user32

GetParent
GetSystemMetrics
SystemParametersInfoW
GetDC
ReleaseDC
LoadStringW
PostMessageW
SendMessageW
GetDlgItem
GetSysColor
LoadIconA
LoadCursorA

gdi32

GetDeviceCaps
DeleteObject
CreateFontIndirectW

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
_c_exit
_exit
_XcptFilter
_cexit
__getmainargs
_acmdln
exit
_vsnwprintf
__wgetmainargs
__winitenv
_wtol
malloc
realloc
wcsstr
free
__CxxFrameHandler
_wcsicmp
wcsncpy
_wgetcwd
calloc
wcstod
wcstol
wcsncmp
fflush
fprintf
wcschr
strtok
wcslen
_wcsnicmp
sprintf
wcstok
_iob

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
GetTokenInformation
LookupAccountSidW
RegSetValueExW
RegConnectRegistryW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
OpenProcessToken
RegOpenKeyExA

shell32

ShellExecuteW

Sections

.text
Size: 263KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data3
Size: 512B - Virtual size: 333B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text2
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d30e6fa70487d8c6f9f90292c14d146

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

advapi32

shell32

Sections

.text Size: 263KB - Virtual size: 262KB

.data3 Size: 512B - Virtual size: 333B

.data Size: 4KB - Virtual size: 4KB

.text2 Size: 121KB - Virtual size: 121KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 263KB - Virtual size: 262KB

.data3
Size: 512B - Virtual size: 333B

.data
Size: 4KB - Virtual size: 4KB

.text2
Size: 121KB - Virtual size: 121KB

.rsrc
Size: 9KB - Virtual size: 8KB