c7ef064fcfd974d8dfbcea1b4faed3d80987b97f8c6838b65f381b47df2522f1

Sharing

Copy URL

Twitter E-mail

General

Target

c7ef064fcfd974d8dfbcea1b4faed3d80987b97f8c6838b65f381b47df2522f1
Size

117KB
MD5

0ad23d6583a187c663998bd4f6830199
SHA1

9664548ffa9a0e34287ae6dd7f24875a46c7e5d1
SHA256

c7ef064fcfd974d8dfbcea1b4faed3d80987b97f8c6838b65f381b47df2522f1
SHA512

7c75ee4d72a9c93ecdf8d36cbc7bd38b9b5aa9a1c5826739c461cb14e075851e10a9b7338c8708b685453b2f9a519b5f0595d392339fe234a0fba47ccfe91d95
SSDEEP

1536:96A8Sc8jbEuT5YFXNsLg0KkTaz3ObQFZnfrkwzKyF0qMV1fvumwy7eu6oWd:DNEeU9Ug0KkK3jZjkwzKyFmV1Rq5Z

Score

N/A

Malware Config

Signatures

Files

c7ef064fcfd974d8dfbcea1b4faed3d80987b97f8c6838b65f381b47df2522f1
.exe windows x86

2442d0d5249ae805f8766fb824f395e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcatA
SetFileTime
DeleteFileA
GetThreadLocale
lstrlenW
TerminateProcess
GetCurrentProcessId
WideCharToMultiByte
FreeEnvironmentStringsA
IsValidCodePage
SystemTimeToFileTime
GetCurrentDirectoryA
IsBadCodePtr
IsDebuggerPresent
LoadResource
FileTimeToDosDateTime
GetTempFileNameA
QueryPerformanceCounter
GetSystemDirectoryA
GetUserDefaultLangID
RemoveDirectoryA
GetExitCodeProcess
lstrcpynA
GetVersion
lstrcmpiA
GetSystemDirectoryW
GetStringTypeW
WritePrivateProfileStringA
CopyFileA
GetCommandLineW
GetTempPathW
GetVersionExW
ExitProcess
GetSystemTime
GetTempPathA
VirtualProtect
GlobalFree
InterlockedCompareExchange
GetModuleHandleW
lstrcpyA
GetACP
GetConsoleOutputCP
GetModuleHandleA
GlobalAlloc
OutputDebugStringA
RtlUnwind
GetLastError
IsBadWritePtr
lstrcmpA

msvcrt

__p___initenv
_controlfp
_XcptFilter
__getmainargs
__p__commode
_except_handler3
__setusermatherr
__p__fmode
_exit
_adjust_fdiv
__set_app_type
_initterm

user32

SetWindowPlacement
CreateMenu
CallWindowProcA
GetMenuItemID
MapWindowPoints
MessageBoxA
GetMenu
SetScrollInfo
WindowFromPoint
RegisterWindowMessageA
DestroyIcon
SetScrollPos
GetClientRect
SetWindowTextA
MessageBeep
TranslateMessage
GetKeyState
RemovePropA
IntersectRect
GetCursorPos
GetFocus
LoadIconA
DestroyCursor
IsWindowVisible
GetCapture
CallNextHookEx
GetDesktopWindow
FillRect
TrackPopupMenu
GetScrollInfo
CloseClipboard
IsWindowEnabled
EndPaint
GetLastActivePopup
IsChild
GetForegroundWindow
GetSystemMenu
SetActiveWindow
DrawEdge
DrawIcon
GetSystemMetrics
GetActiveWindow
GetDC
GetScrollRange
GetKeyboardType
UnregisterClassA
ShowCursor
ReleaseCapture
DrawFrameControl
IsIconic

advapi32

DeleteService
GetTokenInformation
CheckTokenMembership
RegOpenKeyExW
RegQueryValueExA
OpenSCManagerW
CloseServiceHandle
RegCreateKeyExW
GetLengthSid
SetSecurityDescriptorGroup
OpenThreadToken
RegSetValueExA
EqualSid
InitiateSystemShutdownA
OpenServiceA
CryptCreateHash
LookupPrivilegeValueA
LookupPrivilegeValueW
CryptDestroyHash
RegOpenKeyW
RegEnumValueA
RegEnumKeyExW
RegDeleteKeyW
GetSecurityDescriptorDacl
RegCreateKeyA
QueryServiceStatus
OpenSCManagerA
DeregisterEventSource
RegDeleteValueW
RegCreateKeyExA
AddAccessAllowedAce
RegQueryInfoKeyA
GetUserNameA
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExW
RegEnumKeyW
ControlService

Sections

.text
Size: 1024B - Virtual size: 812B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2442d0d5249ae805f8766fb824f395e0

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

Sections

.text Size: 1024B - Virtual size: 812B

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 20KB - Virtual size: 20KB

.rsrc Size: 38KB - Virtual size: 37KB

.text
Size: 1024B - Virtual size: 812B

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 38KB - Virtual size: 37KB