1a4fbe1c8002b42f6ae4d833aabdf43cebc0e3c40ee3fa765a77222e6b8ce8f9

Sharing

Copy URL Twitter E-mail

General

Target

1a4fbe1c8002b42f6ae4d833aabdf43cebc0e3c40ee3fa765a77222e6b8ce8f9
Size

105KB
MD5

0cc8b6251d81b4c3ce104c5184315173
SHA1

701cb39ac7db0d9467ef61ba026e55cc73c18cba
SHA256

1a4fbe1c8002b42f6ae4d833aabdf43cebc0e3c40ee3fa765a77222e6b8ce8f9
SHA512

80204e63e31d139b4fead3ecd204870313035ab3213542412508d760ecc3367f2032eaaf8301f1da322b8cbdcea4d08d061c8ae940135c98966699f729bea176
SSDEEP

1536:scagS3kiOAZxnUuWhzHDlXcm1v7+z7WQ6aWL+5gCBhFqoYtAiAQIYEB:scXS3nzZx2zb1v7+z7ZWi9pv2aB

Score

N/A

Malware Config

Signatures

Files

1a4fbe1c8002b42f6ae4d833aabdf43cebc0e3c40ee3fa765a77222e6b8ce8f9
.exe windows x86

3cda8bb5770c49258ffd35bf2120b02a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FileTimeToLocalFileTime
GetCommandLineW
SetLastError
WritePrivateProfileStringA
GetUserDefaultLangID
GetSystemDirectoryA
LCMapStringA
MulDiv
LocalFileTimeToFileTime
IsDebuggerPresent
DeleteFileA
SetFileTime
GlobalUnlock
GetConsoleOutputCP
lstrcmpiW
VirtualFree
GetExitCodeProcess
GetCurrentProcess
GetTempPathA
GlobalFree
InterlockedExchange
WriteConsoleA
CreateFileMappingA
GetModuleHandleA
GetCurrentThread
GetModuleHandleW
OutputDebugStringA
FreeEnvironmentStringsA
MoveFileA
GetCurrentDirectoryA
GetDriveTypeA
CreateProcessW
lstrcmpA
VirtualQuery
GlobalAlloc
VirtualProtect
GetEnvironmentStringsW
MultiByteToWideChar
GetConsoleMode
GetFileAttributesA
LocalFree
GetThreadLocale
GlobalHandle
GetSystemTime
GetCurrentProcessId
lstrlenA
LoadResource
GetDateFormatA

msvcrt

_XcptFilter
__getmainargs
__p___initenv
_initterm
__p__commode
__set_app_type
_exit
__p__fmode
_adjust_fdiv
_controlfp
__setusermatherr
_except_handler3

user32

SetFocus
ScrollWindow
ClientToScreen
GetCursorPos
RegisterClipboardFormatA
SetCapture
EmptyClipboard
DeleteMenu
GetWindowTextA
GetWindowThreadProcessId
SetScrollPos
DispatchMessageA
GetClientRect
LoadStringA
CallNextHookEx
KillTimer
SetWindowTextA
SystemParametersInfoA
FillRect
IntersectRect
ScreenToClient
DefWindowProcA
CreateMenu
GetWindow
DrawFrameControl
GetSysColor
GetScrollInfo
GetKeyboardType
SendMessageA
EndPaint
GetKeyState
UnhookWindowsHookEx
CharLowerA
WaitMessage
DialogBoxParamA
ReleaseCapture
SetCursor
InsertMenuA
wsprintfA
GetIconInfo
GetActiveWindow

advapi32

GetTokenInformation
LookupPrivilegeValueW
RegDeleteValueW
RegCreateKeyExA
CheckTokenMembership
RegOpenKeyExW
InitiateSystemShutdownA
RegCloseKey
GetUserNameA
RegEnumKeyExW
RegQueryValueExA
RegQueryValueA
CloseServiceHandle
InitializeSecurityDescriptor
CryptGenRandom
OpenSCManagerW
RegEnumValueW
CopySid
AllocateAndInitializeSid
ControlService
FreeSid
DeleteService
RegCreateKeyExW
GetLengthSid
RegEnumValueA
CryptDestroyHash
OpenServiceW
OpenServiceA
RegOpenKeyA
RegSetValueExA
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
RegQueryInfoKeyW
EqualSid
RegDeleteValueA
CryptReleaseContext
RegEnumKeyExA

Sections

.text
Size: 1024B - Virtual size: 812B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3cda8bb5770c49258ffd35bf2120b02a

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

Sections

.text Size: 1024B - Virtual size: 812B

.rdata Size: 52KB - Virtual size: 52KB

.data Size: 19KB - Virtual size: 19KB

.rsrc Size: 31KB - Virtual size: 30KB

.text
Size: 1024B - Virtual size: 812B

.rdata
Size: 52KB - Virtual size: 52KB

.data
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 31KB - Virtual size: 30KB