52f34d7daa43152bfdec1eaf63b697dfdb7ada1249d8d0e74981263f08751d8e

Sharing

Copy URL Twitter E-mail

General

Target

52f34d7daa43152bfdec1eaf63b697dfdb7ada1249d8d0e74981263f08751d8e
Size

344KB
MD5

4a5c388f560b66e1f154d8265423a9b4
SHA1

3850a65892cb90f9d67d66f94a791da2aa897609
SHA256

52f34d7daa43152bfdec1eaf63b697dfdb7ada1249d8d0e74981263f08751d8e
SHA512

c51c4f0e27d078f04a5540cf0f6647e9368ffb6c1d565cc5b79676aafde2456e3136c26387a950049380cbd83e60517cd15a682674ae4398574902dc7422699f
SSDEEP

6144:kn6vcVcbedtlrHX5pQmVu/dhKLOrVXl7HWrE+icB8aa36OCwb7eEk8vEE+MoOfG:kn6EmqjhHX56mVqkOXVHGbKaW60b7eXt

Score

N/A

Malware Config

Signatures

Files

52f34d7daa43152bfdec1eaf63b697dfdb7ada1249d8d0e74981263f08751d8e
.exe windows x86

2dd68646ad9dda7354354ad45a4b2939

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
SetEvent
GetModuleFileNameW
InterlockedIncrement
lstrlenA
DebugBreak
OutputDebugStringW
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
GetLongPathNameW
GetCurrentThreadId
GetCommandLineW
CreateFileW
DeviceIoControl
GetVersionExW
InterlockedDecrement
GetShortPathNameW
GlobalFree
GlobalAlloc
GetCurrentProcess
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
GetLastError
RaiseException
lstrlenW
WideCharToMultiByte
CloseHandle
LoadLibraryW
GetProcAddress
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LCMapStringA
GetConsoleMode
GetConsoleCP
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetFilePointer
LoadLibraryA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetVersionExA
RtlUnwind
HeapAlloc
HeapFree
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcessHeap
GetStartupInfoW
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
Sleep
FreeEnvironmentStringsA
GetEnvironmentStrings

user32

LoadStringW
CharNextW
UnregisterClassA

advapi32

RegCreateKeyW
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey

shell32

ShellExecuteExW

ole32

CoCreateInstance
CoTaskMemFree
StringFromGUID2
CoTaskMemRealloc
CoTaskMemAlloc
CoUninitialize
CoInitialize

oleaut32

SysStringLen
SysFreeString
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr

shlwapi

PathFileExistsW
StrCmpNIW

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

69�vM�
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2dd68646ad9dda7354354ad45a4b2939

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 20KB - Virtual size: 18KB

69�vM� Size: 228KB - Virtual size: 228KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 20KB - Virtual size: 18KB

69�vM�
Size: 228KB - Virtual size: 228KB