99c1a5d12f76bf6b58237e68f4f588ce8226db79cc23b3107afad8010c1561c3

Sharing

Copy URL Twitter E-mail

General

Target

99c1a5d12f76bf6b58237e68f4f588ce8226db79cc23b3107afad8010c1561c3
Size

114KB
MD5

0ab8215af4aadbe569e966c5852a8316
SHA1

220671359737abb7c7748c60a3ac081b274a2d7f
SHA256

99c1a5d12f76bf6b58237e68f4f588ce8226db79cc23b3107afad8010c1561c3
SHA512

e3edf84d67212e439a87f03688b5e2fd98a23cc26078c7f13020a3abbed31e3c9dba78cd8c21af3b5063c97092e67e003e596e3122b9297cbd2481ec67288788
SSDEEP

3072:7p5yyIcWXmJrJ33Slrw9yAEfOVMp5T4d:72XmJrJS6EAEmVa5T

Score

N/A

Malware Config

Signatures

Files

99c1a5d12f76bf6b58237e68f4f588ce8226db79cc23b3107afad8010c1561c3
.exe windows x86

9273e0c05787797324daa7a049243a5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetLocaleInfoA
GetCurrentThread
GetDriveTypeA
ExitProcess
CopyFileA
GetTempPathW
GetOEMCP
GetThreadLocale
GetStartupInfoW
GetPrivateProfileStringA
DeleteFileA
RemoveDirectoryA
GetStringTypeA
GetUserDefaultLangID
LocalFileTimeToFileTime
FileTimeToDosDateTime
MultiByteToWideChar
FlushFileBuffers
VirtualProtect
GetCommandLineW
LoadResource
SetStdHandle
GetModuleHandleW
GlobalAlloc
SetEnvironmentVariableA
GetModuleHandleA
CopyFileW
LocalAlloc
IsDebuggerPresent
GlobalUnlock
InterlockedCompareExchange
GetTempFileNameA
QueryPerformanceCounter
lstrcatA
CreateFileMappingA
GetSystemTime
GetTempPathA
GetFullPathNameA
FileTimeToSystemTime
lstrcmpA
GetExitCodeProcess
IsBadCodePtr
lstrlenW
GetVersionExA
GetFileAttributesW
GetCurrentDirectoryA

msvcrt

__p__fmode
_XcptFilter
_controlfp
__setusermatherr
__p___initenv
__p__commode
_initterm
_exit
_adjust_fdiv
__getmainargs
__set_app_type
_except_handler3

advapi32

RegDeleteKeyW
RegQueryInfoKeyA
CryptAcquireContextA
IsValidSid
RegSetValueExW
RegCreateKeyA
AdjustTokenPrivileges
RegEnumKeyExW
CryptCreateHash
InitializeAcl
RegQueryValueExW
CryptHashData
OpenThreadToken
RegEnumKeyExA
AddAccessAllowedAce
CryptGenRandom
CopySid
InitializeSecurityDescriptor
RegFlushKey
CryptReleaseContext
LookupPrivilegeValueW
RegCloseKey
RegDeleteValueW
RegOpenKeyW
RegEnumKeyW
RegOpenKeyExW
OpenProcessToken
QueryServiceStatus
EqualSid
DeleteService
InitiateSystemShutdownA
ControlService
OpenServiceW
RegQueryValueExA
RegEnumValueW
RegDeleteKeyA
GetSecurityDescriptorDacl

user32

GetActiveWindow
DrawIconEx
SetWindowPlacement
EnableMenuItem
BeginPaint
GetMenuState
CharLowerA
SetActiveWindow
CallNextHookEx
RegisterClassA
LoadStringA
InsertMenuA
GetDCEx
PeekMessageA
InvalidateRect
SetTimer
DrawMenuBar
WinHelpA
GetDC
UnregisterClassA
GetSysColorBrush
TranslateMessage
GetScrollRange
IsIconic
InflateRect
RegisterWindowMessageA
EndPaint
GetMenuItemCount
SetCapture
PostQuitMessage
SetRect
GetCursorPos
GetWindowRect
GetScrollPos
CharNextA
LoadCursorA
EndDialog
SetScrollPos
MapWindowPoints
FillRect
GetTopWindow
RedrawWindow
GetClientRect
GetForegroundWindow

Sections

.text
Size: 1024B - Virtual size: 796B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9273e0c05787797324daa7a049243a5b

Headers

File Characteristics

Imports

kernel32

msvcrt

advapi32

user32

Sections

.text Size: 1024B - Virtual size: 796B

.rdata Size: 55KB - Virtual size: 55KB

.data Size: 20KB - Virtual size: 20KB

.rsrc Size: 36KB - Virtual size: 35KB

.text
Size: 1024B - Virtual size: 796B

.rdata
Size: 55KB - Virtual size: 55KB

.data
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 36KB - Virtual size: 35KB