64af0ff1ab20967395bf83cfb6751604ea8d5ca471195e9e0e6b752b43088a70

Sharing

Copy URL Twitter E-mail

General

Target

64af0ff1ab20967395bf83cfb6751604ea8d5ca471195e9e0e6b752b43088a70
Size

397KB
MD5

610a1b26c2f78d606518e50ab3679e59
SHA1

3cde446decb8494077ffb8fd8b92d80df7cb61a7
SHA256

64af0ff1ab20967395bf83cfb6751604ea8d5ca471195e9e0e6b752b43088a70
SHA512

e5fe221ad757961868f2577583f54e39f96e379975d0ccaf0bb670351a9d33417e1b79b961e425e9f749cd04de665aee941ac62ab5be715e95f109751aedfaf3
SSDEEP

12288:7c4XN23ZVuGNtXvl5TI0BFtxTkrLAjp+RA8:7hXmVht/l+0OEjw2

Score

N/A

Malware Config

Signatures

Files

64af0ff1ab20967395bf83cfb6751604ea8d5ca471195e9e0e6b752b43088a70
.exe windows x86

170e0c58ead755a6b58dcbc20c55241f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW

kernel32

SetFileTime
SystemTimeToFileTime
DosDateTimeToFileTime
FindFirstFileW
WideCharToMultiByte
Sleep
CreateProcessA
MultiByteToWideChar
GetStartupInfoA
FindClose
FindNextFileW
CloseHandle
HeapAlloc
GetCurrentProcess
HeapFree
WaitForSingleObject
GetModuleHandleW
GetVersionExW
TerminateProcess
GetLastError
GetProcAddress
LoadLibraryA
DuplicateHandle
GetCurrentProcessId
FreeResource
FindResourceW
LoadResource
CreateDirectoryW
SizeofResource
GetFileAttributesA
GetFileAttributesW
SetFileAttributesA
MoveFileA
LockResource
DeleteFileA
CreateMutexW
ReleaseMutex
CreateFileA
MoveFileExW
GetModuleFileNameA
DeleteFileW
SetFileAttributesW
GetPrivateProfileStringW
WritePrivateProfileStringW
InterlockedIncrement
InterlockedDecrement
WriteFile
CreateFileW
GetTickCount
ReadFile
SetFilePointer
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateEventW
SetEvent
InterlockedExchange
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetCurrentThreadId
InitializeCriticalSection
GetCurrentDirectoryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
GetCPInfo
LCMapStringW
LCMapStringA
GetStringTypeW
ExitProcess
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
SetLastError
HeapCreate
VirtualFree
QueryPerformanceCounter
GetACP
GetOEMCP
IsValidCodePage
HeapSize
VirtualAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetStringTypeA
GetLocaleInfoA
GetModuleHandleA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetStartupInfoW

user32

SendMessageW
IsWindow
FindWindowExW
PostMessageW

advapi32

RegSetValueExA
RegCloseKey
GetTokenInformation
OpenProcessToken
RegCreateKeyExA

shell32

SHGetSpecialFolderPathW

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 233KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

170e0c58ead755a6b58dcbc20c55241f

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

advapi32

shell32

Sections

.text Size: 112KB - Virtual size: 111KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 233KB - Virtual size: 233KB

.reloc Size: 21KB - Virtual size: 20KB

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 233KB - Virtual size: 233KB

.reloc
Size: 21KB - Virtual size: 20KB