98485792862fae43f44f9af3fecf0ff97976cccbf4aeba06c8e99bbd02586024

Sharing

Copy URL

Twitter E-mail

General

Target

98485792862fae43f44f9af3fecf0ff97976cccbf4aeba06c8e99bbd02586024
Size

618KB
MD5

9191a27860e3f642e7a9dcf6e2c68500
SHA1

c08fc69954db246c5fb42b1d8fc06bf2a9f2a35d
SHA256

98485792862fae43f44f9af3fecf0ff97976cccbf4aeba06c8e99bbd02586024
SHA512

4a665eb02523458b3621c85281a50fdeffb23c4bacce5d489d95153df676418d6b1097c670f393aef88780e09b4299a98c42b05a98fda30ebf2d53be1bca821e
SSDEEP

12288:T26AQv/3Zp06BzCaRsm6i/Q1yRlW3Pca7RyU1Z5abqR5Q4Qt1P:TtX3Zp06BzrRsm6i/QoLYPcG16C1U

Score

N/A

Malware Config

Signatures

Files

98485792862fae43f44f9af3fecf0ff97976cccbf4aeba06c8e99bbd02586024
.exe windows x86

07e21fd5a97bb733b3a019966e68c77e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupIterateCabinetW

shell32

CommandLineToArgvW
ShellExecuteW

kernel32

lstrlenW
GetLastError
LoadLibraryW
GetProcAddress
GetModuleHandleW
DeleteFileW
MoveFileW
InterlockedIncrement
InterlockedDecrement
FreeLibrary
lstrcpyW
GetFileAttributesW
LocalFree
Process32FirstW
Process32NextW
Sleep
CreateMutexW
GetCommandLineW
CreateDirectoryW
CopyFileW
SetCurrentDirectoryW
HeapReAlloc
HeapSize
SetStdHandle
WriteConsoleW
CreateFileW
CloseHandle
CreateToolhelp32Snapshot
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
HeapSetInformation
GetStartupInfoW
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DecodePointer
EncodePointer
IsProcessorFeaturePresent
FlushFileBuffers
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
HeapAlloc
RtlUnwind
RaiseException
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
GetStringTypeW

user32

MessageBoxW
LoadStringW

advapi32

RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW

ole32

CoInitialize

shlwapi

PathStripPathW

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 556KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

07e21fd5a97bb733b3a019966e68c77e

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

shell32

kernel32

user32

advapi32

ole32

shlwapi

Sections

.text Size: 43KB - Virtual size: 42KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 556KB - Virtual size: 2.3MB

.text
Size: 43KB - Virtual size: 42KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 556KB - Virtual size: 2.3MB