618323ac27a7dbad00d7867e379d79895471486278023e7d8b63b77963e3e7f1

General

Target

618323ac27a7dbad00d7867e379d79895471486278023e7d8b63b77963e3e7f1
Size

776KB
MD5

92a5a1e839d1236f3a76e2d47d1ede20
SHA1

4f3948799d09eee12ecea11c0cab7a0981c7d72c
SHA256

618323ac27a7dbad00d7867e379d79895471486278023e7d8b63b77963e3e7f1
SHA512

071c613cb7147e09ccd8d242dd9afe0aab9f5b4a693605fd6dad176728ab0b32ef5e3e8563a18582996028d45a20fc3339ac1fa70455b34dd063b61bc6c4dfff
SSDEEP

24576:UmrW68Clbhh+pl0+QkJNBXOB8pYOg03Jb:UCoCthh+X0+/JvtJb

Score

N/A

Malware Config

Signatures

Files

618323ac27a7dbad00d7867e379d79895471486278023e7d8b63b77963e3e7f1
.exe windows x86

c19ff2f079261b0ed421116f00d047e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FindResourceA
IsBadStringPtrW
FormatMessageA
WriteConsoleW
GetFileSize
HeapCreate
IsValidLocale
CreateMutexA
GetFileTime
WriteConsoleW
GetCurrentDirectoryW
ReadFile
CloseHandle
lstrcpyW
lstrcpyA
SetFileAttributesA
GetStartupInfoA
ReleaseMutex
GetModuleHandleA
GetLastError
WriteConsoleW

msi

MsiCreateRecord
MsiCloseAllHandles
MsiCloseHandle
MsiAdvertiseProductA

user32

GetWindowTextA
IsWindow
IsZoomed
SetCursorPos
PostMessageW
IsDialogMessageA
wsprintfW
SetFocus
IsCharLowerA
LoadCursorW
DispatchMessageA
PeekMessageW
GetWindowLongW

wldap32

ldap_add

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 766KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 1024B - Virtual size: 263B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c19ff2f079261b0ed421116f00d047e1

Headers

File Characteristics

Imports

kernel32

msi

user32

wldap32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 20KB

.rsrc Size: 766KB - Virtual size: 2.1MB

.text1 Size: 1024B - Virtual size: 263B

.data1 Size: 512B - Virtual size: 224B

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 20KB

.rsrc
Size: 766KB - Virtual size: 2.1MB

.text1
Size: 1024B - Virtual size: 263B

.data1
Size: 512B - Virtual size: 224B