d219e281769631a2a60ec575f9c2e18591aa240f784a40a399d88ac1cdf03494

General

Target

d219e281769631a2a60ec575f9c2e18591aa240f784a40a399d88ac1cdf03494
Size

314KB
MD5

9bce1f3dea515267168b491859b037a6
SHA1

c71a9555c982894e016934eab01da71c6e2d4530
SHA256

d219e281769631a2a60ec575f9c2e18591aa240f784a40a399d88ac1cdf03494
SHA512

966e97e9bdac33bca28a95e4e03fbd4d189daeb54cd577b98dce91536c32edfac7ed2ba599703968523fd8c635f2a1a459a3866e9b3967c6eb5e693eed9f45d2
SSDEEP

6144:A0E11ym+jcV9I+dx/brnEdxHdUemx2rB8ark4xD08X3BoBlaIBpMBM:AlX9+y9ItS+GarJD08nBdaMBM

Score

N/A

Malware Config

Signatures

Files

d219e281769631a2a60ec575f9c2e18591aa240f784a40a399d88ac1cdf03494
.exe windows x86

5d3db73ad02c31dd84c052fa60da2a99

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SystemTimeToFileTime
SetFilePointer
VirtualAlloc
OpenMutexW
GetModuleHandleA
lstrcmpiA
GlobalUnlock
WaitForSingleObject
FindResourceW
MultiByteToWideChar
GetSystemTime
LoadLibraryA
GetModuleFileNameA
GetFileSizeEx
VirtualProtect
CreateEventW
GetLastError
InitializeCriticalSection
ReleaseMutex
EnterCriticalSection
ExpandEnvironmentStringsW
CreateMutexW
ResetEvent
CloseHandle
lstrcmpiW
Sleep

advapi32

CryptHashData
CryptDestroyHash
DuplicateTokenEx
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
CryptGetHashParam
RegDeleteValueA
RegCloseKey
CryptAcquireContextW
GetUserNameW
CryptReleaseContext

user32

OpenWindowStationA
ExitWindowsEx
GetWindowThreadProcessId
LoadCursorA
SendMessageA
FindWindowExA
GetClassNameA
GetDlgItem
SetThreadDesktop
GetCursorPos
GetDlgItemTextA
DispatchMessageA
CharLowerBuffA
GetKeyboardState
OpenDesktopA

shlwapi

PathMatchSpecW
wnsprintfA
wnsprintfW
PathCombineW
wvnsprintfA
PathFileExistsW
SHDeleteKeyA
PathFindFileNameW
wvnsprintfW
PathRemoveFileSpecW
StrCmpNIW

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5d3db73ad02c31dd84c052fa60da2a99

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

shlwapi

Sections

.text Size: 59KB - Virtual size: 58KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 20KB

.text
Size: 59KB - Virtual size: 58KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 20KB