4242c0985e901f6f0973cbc9c46f8053837b281a57692d1107d688198a57b9e7

Sharing

Copy URL Twitter E-mail

General

Target

4242c0985e901f6f0973cbc9c46f8053837b281a57692d1107d688198a57b9e7
Size

352KB
MD5

91b5beac90b38bb04064b71876a584ec
SHA1

047fbbdf9543c0876c6cbddb47013efe6a35f57f
SHA256

4242c0985e901f6f0973cbc9c46f8053837b281a57692d1107d688198a57b9e7
SHA512

41220590dd0f28d7006cc8b470c6607ed440521bd0e395ae09190d3ba520612880a4e9dd60f202daca995866050303ac99a11d4ba3011f16040034b59159b8ed
SSDEEP

6144:v8CmraG3oWo+kQlzWVKubH9/AiLfgGmmokAeaAOKeYyE/TZGyJbGfydCcp0pUKhk:v8praG4Wo+kQlzWVKubH9TIGmmfOWZlD

Score

N/A

Malware Config

Signatures

Files

4242c0985e901f6f0973cbc9c46f8053837b281a57692d1107d688198a57b9e7
.exe windows x86

382a23b1c33f67b995035a7f919d190b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
FreeEnvironmentStringsA
GetACP
GetOEMCP
SetHandleCount
GetStartupInfoA
HeapCreate
HeapDestroy
WriteFile
RtlUnwind
UnhandledExceptionFilter
GetFileType
LoadLibraryA
GetModuleHandleA
LCMapStringA
LCMapStringW
FlushFileBuffers
HeapSize
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileA
SetStdHandle
GetStringTypeA
SetConsoleCtrlHandler
GetLastError
GetCurrentProcess
TerminateProcess
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetModuleFileNameA
GetVersion
GetCommandLineA
CreatePipe
GetEnvironmentVariableA
GetStdHandle
CreateProcessA
ReadFile
WaitForSingleObject
GetExitCodeProcess
CloseHandle
GetFileAttributesA
SetFilePointer
SetEndOfFile
Sleep
WideCharToMultiByte
MultiByteToWideChar
GetProcAddress
GetStringTypeW
ExpandEnvironmentStringsA
GetDriveTypeA
GetLocaleInfoW
GetLocaleInfoA
GetCurrentProcessId
SetCurrentDirectoryA
GetCurrentDirectoryA
GetFullPathNameA
SetEnvironmentVariableW
PeekNamedPipe
FileTimeToLocalFileTime
DeleteFileA
GetFileInformationByHandle
FindClose
FileTimeToSystemTime
FindFirstFileA

advapi32

RegCloseKey
RegQueryValueExA
GetTokenInformation
LookupAccountSidA
RegisterEventSourceA
ReportEventA
ReadEventLogA
ClearEventLogA
BackupEventLogA
OpenBackupEventLogA
GetNumberOfEventLogRecords
CloseEventLog
OpenEventLogA
RegUnLoadKeyA
RegLoadKeyA
RegRestoreKeyA
OpenProcessToken
LookupPrivilegeValueA
RegSaveKeyA
AdjustTokenPrivileges
RegQueryInfoKeyA
RegSetKeySecurity
RegGetKeySecurity
RegFlushKey
RegEnumValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
RegConnectRegistryA
RegCreateKeyExA
RegOpenKeyExA

ole32

BindMoniker
CreateBindCtx
MkParseDisplayName
CoCreateInstance
OleUninitialize
OleBuildVersion
OleInitialize
CLSIDFromProgID

oleaut32

SysAllocString
SysFreeString
GetActiveObject
VariantInit
VariantClear
VariantChangeType

user32

wsprintfW

Sections

.text
Size: 242KB - Virtual size: 242KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

382a23b1c33f67b995035a7f919d190b

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

oleaut32

user32

Sections

.text Size: 242KB - Virtual size: 242KB

.rdata Size: 23KB - Virtual size: 23KB

.data Size: 60KB - Virtual size: 203KB

.idata Size: 3KB - Virtual size: 3KB

.reloc Size: 21KB - Virtual size: 20KB

.text
Size: 242KB - Virtual size: 242KB

.rdata
Size: 23KB - Virtual size: 23KB

.data
Size: 60KB - Virtual size: 203KB

.idata
Size: 3KB - Virtual size: 3KB

.reloc
Size: 21KB - Virtual size: 20KB