d3b4838af4c5535da7b3c672ab6c2d163b22be083412a049d97228e384801cb1

Sharing

Copy URL Twitter E-mail

General

Target

d3b4838af4c5535da7b3c672ab6c2d163b22be083412a049d97228e384801cb1
Size

908KB
MD5

a30b656cd7e07763f0240f34819eaa2b
SHA1

115a37400d9e06cc5edca1de6a5e9707d0efdb52
SHA256

d3b4838af4c5535da7b3c672ab6c2d163b22be083412a049d97228e384801cb1
SHA512

03ccb37fed16f3684f54a2c323200a53d73991a16ecf282efe0f34d734c9f68b1b569a049c6dce7739b64ff9a3525f31c0c1d754f2380c013d6070717a6cd1fd
SSDEEP

6144:r6+2S8C3oaK89QsAUASIODglb0pleA8uXV:r6+xP3oaXG7UNI30pZnF

Score

N/A

Malware Config

Signatures

Files

d3b4838af4c5535da7b3c672ab6c2d163b22be083412a049d97228e384801cb1
.exe windows x86

b5b988134412a68f42a225816066bff9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptSetProviderExA
ElfClearEventLogFileW
LogonUserA
LsaEnumerateTrustedDomainsEx
LsaLookupPrivilegeName
SetEntriesInAuditListW
CryptSetProviderA

kernel32

AreFileApisANSI
CloseHandle
CreateFileMappingW
CreateFileW
DeleteFileW
FileTimeToSystemTime
FlushFileBuffers
FreeLibrary
GetFileSize
GetLocalTime
GetTempFileNameW
GetTempPathW
LocalAlloc
LocalFree
MapViewOfFile
MulDiv
ReadFile
SetFilePointer
SystemTimeToFileTime
UnmapViewOfFile
WriteFile
lstrcpyW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
VirtualAlloc
CompareStringW
CreateEventA
CreateThread
GetComputerNameA
GetCurrentProcess
GetExitCodeThread
ResetEvent
SetEvent
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
TerminateProcess
VirtualFree
WaitForSingleObject
DisableThreadLibraryCalls
InterlockedCompareExchange
InterlockedExchange
RaiseException
TlsAlloc
TlsFree
TlsGetValue
GetProcAddress
GetModuleHandleA
ExitProcess
SetFileTime
LocalFileTimeToFileTime
RtlUnwind
VirtualProtect
GetSystemInfo
VirtualQuery
GetLastError
HeapFree
HeapAlloc
HeapReAlloc
SetErrorMode
FindFirstFileW
FindNextFileW
GetCommandLineA
GetVersionExA
GetProcessHeap
GetStartupInfoA
TlsSetValue
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
GetStdHandle
GetModuleFileNameA
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
UnhandledExceptionFilter
IsDebuggerPresent
SetConsoleCtrlHandler
LoadLibraryA
InitializeCriticalSection
SetStdHandle
GetFileType
SetHandleCount
CreateFileA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
HeapDestroy
HeapCreate
GetStringTypeA
GetStringTypeW
HeapSize
IsDBCSLeadByteEx
ReadConsoleA
GetConsoleCP
ReadConsoleW
SetConsoleMode
GetConsoleMode
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetLocaleInfoA
GetLocaleInfoW
GetTimeZoneInformation
SetEndOfFile
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
SetEnvironmentVariableA

Sections

.text
Size: 312KB - Virtual size: 308KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 444KB - Virtual size: 459KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b5b988134412a68f42a225816066bff9

Headers

File Characteristics

Imports

advapi32

kernel32

Sections

.text Size: 312KB - Virtual size: 308KB

.rdata Size: 148KB - Virtual size: 145KB

.data Size: 444KB - Virtual size: 459KB

.text
Size: 312KB - Virtual size: 308KB

.rdata
Size: 148KB - Virtual size: 145KB

.data
Size: 444KB - Virtual size: 459KB