acf68352e4b454f76138c71ac72b9569d918f15ad233ebf21115586aa0ea4aeb

Sharing

Copy URL Twitter E-mail

General

Target

acf68352e4b454f76138c71ac72b9569d918f15ad233ebf21115586aa0ea4aeb
Size

113KB
MD5

84522db48635b434d808548b90165dd1
SHA1

6638ab6861f9964a2d83ab93916a6eb4e2204e72
SHA256

acf68352e4b454f76138c71ac72b9569d918f15ad233ebf21115586aa0ea4aeb
SHA512

7a6ff7eadaf27d78e95d7cec44562f385fdcbb87961fcd699ec1cf95a4c20963a41de3467bdac58624d9036a5537c52dcf5d824023259c1702e4d6f93cf0ff35
SSDEEP

3072:ckERYGM1iKsdC3GV+ZvYy/vF+Udyl1Mkl:cLYGMcD2GkvYy/vF+UdyYc

Score

N/A

Malware Config

Signatures

Files

acf68352e4b454f76138c71ac72b9569d918f15ad233ebf21115586aa0ea4aeb
.exe windows x86

89e1fa26c764acc5d71bd99f518e46fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imagehlp

ImageGetCertificateData
ImageEnumerateCertificates
ImageGetCertificateHeader

crypt32

CertGetNameStringA
CertFreeCertificateContext
CryptVerifyMessageSignature

kernel32

MultiByteToWideChar
GetLastError
CloseHandle
lstrcmpA
CreateFileA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetTickCount
GetExitCodeThread
WaitForSingleObject
SetEvent
lstrlenA
CreateEventA
WideCharToMultiByte
lstrlenW
ExpandEnvironmentStringsA
GetVersionExA
LoadLibraryA
OpenProcess
GetProcAddress
WriteFile
HeapSize
GetStringTypeW
GetStringTypeA
FreeLibrary
InterlockedExchange
GetStdHandle
GetModuleFileNameA
Sleep
SetHandleCount
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStringsW
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
FreeEnvironmentStringsW
GetEnvironmentStrings
HeapFree
GetProcessHeap
GetACP
GetLocaleInfoA
GetThreadLocale
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
HeapAlloc
HeapReAlloc
ExitThread
GetCurrentThreadId
CreateThread
GetModuleHandleA
ExitProcess
VirtualAlloc
GetCommandLineA
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue

user32

PostQuitMessage
DispatchMessageA
TranslateMessage
PeekMessageA
MsgWaitForMultipleObjects
PostThreadMessageA
GetMessageA

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
StartServiceCtrlDispatcherW

ole32

CoUninitialize
CoInitializeEx
CoInitialize
CoInitializeSecurity
CoCreateInstance

oleaut32

SafeArrayRedim
SysAllocString
SysAllocStringByteLen
SysAllocStringLen
SafeArrayDestroy
SafeArrayGetUBound
SafeArrayGetLBound
SysFreeString
SafeArrayGetVartype
SafeArrayUnlock
SafeArrayCreate
SafeArrayLock
SysStringByteLen

shlwapi

PathFindFileNameA

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89e1fa26c764acc5d71bd99f518e46fe

Headers

DLL Characteristics

File Characteristics

Imports

imagehlp

crypt32

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 8KB - Virtual size: 4KB