694386c4b91c0bc80b3d52114798802514edc4fd13592cc3d4966d84ec2ff5f0

Sharing

Copy URL Twitter E-mail

General

Target

694386c4b91c0bc80b3d52114798802514edc4fd13592cc3d4966d84ec2ff5f0
Size

124KB
MD5

34d6f5307f99171c02e478f2077c643c
SHA1

5b7333498438cc5c778184b93c8478ecba315030
SHA256

694386c4b91c0bc80b3d52114798802514edc4fd13592cc3d4966d84ec2ff5f0
SHA512

3a19a97ece1df1a704ca9951019a01234c2ba163b76251c03817894e6d9e07e082f48cc578f3bd3599618ccc56c5a0fb885ffb24b23f8c2097721589c26400b3
SSDEEP

1536:eMbQg53e9rvARP3cZFmUOjjbPmL2MjF9WiykfzBJo3DoCBVioDZN/0FX4fU:e1gsvnjmUYbe/TpFJo3DoCBVioDLM4f

Score

N/A

Malware Config

Signatures

Files

694386c4b91c0bc80b3d52114798802514edc4fd13592cc3d4966d84ec2ff5f0
.exe windows x86

ae571f35e6be5c831fe4907f5efb86aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

DeleteFileA
lstrcmpiA
CloseHandle
CreateFileA
GetFileAttributesA
FindFirstFileA
GetFileSize
WriteFile
ReadFile
GetModuleHandleA
GetVersionExA
GetCurrentProcess
GetSystemDirectoryA
MoveFileA
SetFilePointer
OpenEventA
GetModuleFileNameA
InitializeCriticalSection
DeleteCriticalSection
TlsSetValue
SetUnhandledExceptionFilter
TlsAlloc
TlsFree
InterlockedDecrement
TlsGetValue
InterlockedIncrement
FindNextFileA
SetEndOfFile
VirtualQuery
IsBadReadPtr
GetCurrentThread
ReadProcessMemory
IsBadWritePtr
FlushFileBuffers
FindClose
GetLocalTime
FreeLibrary
GetProcAddress
LoadLibraryA
HeapFree
GetProcessHeap
TerminateProcess
GetExitCodeProcess
GetVersion
OutputDebugStringA
HeapAlloc
VirtualAlloc
VirtualFree
GetSystemInfo
RemoveDirectoryA
GetCPInfo
CreateDirectoryA
GetCurrentDirectoryA
GetOEMCP
SetCurrentDirectoryA
SetLastError
lstrlenA
lstrcmpA
lstrcpyA
lstrcatA
ExitProcess
GetLastError
FormatMessageA
GetStringTypeA
GetStringTypeW
RaiseException
LeaveCriticalSection
EnterCriticalSection
GetACP
LCMapStringW
LCMapStringA
SetStdHandle
HeapSize
HeapReAlloc
MultiByteToWideChar
HeapCreate
HeapDestroy
RtlUnwind
GetStdHandle
SetHandleCount
GetFileType
GetEnvironmentStrings
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetStartupInfoA
GetCommandLineA

user32

ReleaseDC
GetWindowRect
RegisterWindowMessageA
GetDC
ExitWindowsEx
SetDlgItemTextA
DialogBoxParamA
wvsprintfA
wsprintfA
PostMessageA
SetFocus
ShowWindow
BringWindowToTop
SetCursor
SetActiveWindow
SetForegroundWindow
CheckDlgButton
IsWindow
IsWindowVisible
FindWindowA
GetDlgItem
EnableWindow
SetWindowPos
LoadCursorA
LoadStringA
MessageBoxA
EndDialog

gdi32

GetDeviceCaps

advapi32

RegEnumValueA
RegOpenKeyExA
RegCreateKeyExA
RegFlushKey
RegCloseKey
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegQueryValueExA
RegEnumKeyA
RegQueryInfoKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
GetUserNameA

shell32

ShellExecuteA

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ae571f35e6be5c831fe4907f5efb86aa

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 72KB - Virtual size: 69KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 8KB - Virtual size: 16.0MB

.rsrc Size: 32KB - Virtual size: 36KB

.text
Size: 72KB - Virtual size: 69KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 8KB - Virtual size: 16.0MB

.rsrc
Size: 32KB - Virtual size: 36KB