fc7d412be23b2e0d3512a91290653414ec8526102522e022637b2c2c061f7054

Sharing

Copy URL Twitter E-mail

General

Target

fc7d412be23b2e0d3512a91290653414ec8526102522e022637b2c2c061f7054
Size

202KB
MD5

935f6bdcfbc0768faef2bceab78291c0
SHA1

b2850422fa7bb59c559444321acefecf56a74400
SHA256

fc7d412be23b2e0d3512a91290653414ec8526102522e022637b2c2c061f7054
SHA512

1f407b3a3b2a5c5ae4d017bed51a0f31deb8e3a5a195079498aec08931bd12edeb9427a8ce2ab7196a366f99171548ed54ca57d621111120d2fca1b2661ff19f
SSDEEP

3072:jG+1DbjV37rK6yKNGUtbNp/HQlLIVdE8qQyqB9TnQ9fyzwSBv:jTbjVldHNpolUFZyqnQ6

Score

N/A

Malware Config

Signatures

Files

fc7d412be23b2e0d3512a91290653414ec8526102522e022637b2c2c061f7054
.exe windows x86

6f3b01c8b3623161d18a1e9476426a3d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetModuleFileNameW
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetVersionExA
FindResourceExW
SetEnvironmentVariableW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
WideCharToMultiByte
LCMapStringA
FindResourceW
SizeofResource
LockResource
LoadResource
Sleep
GetShortPathNameW
GetCurrentProcess
lstrlenW
GetVersionExW
GetStartupInfoW
GetLastError
SetUnhandledExceptionFilter
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
VirtualAlloc
RtlUnwind
LoadLibraryA

user32

UnregisterClassA
wsprintfW

advapi32

RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegUnLoadKeyW
RegLoadKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegSetValueExW

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6f3b01c8b3623161d18a1e9476426a3d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 128KB - Virtual size: 128KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 128KB - Virtual size: 128KB