056d3294582157265c0a86e7325cb43daec9e4985cd96e56cf960bf3531def6c

Sharing

Copy URL

Twitter E-mail

General

Target

056d3294582157265c0a86e7325cb43daec9e4985cd96e56cf960bf3531def6c
Size

232KB
MD5

925955e666b90fe9eedee074c2573fed
SHA1

23d87a419676b4384554463b71bfc7ebf35ef839
SHA256

056d3294582157265c0a86e7325cb43daec9e4985cd96e56cf960bf3531def6c
SHA512

02465ca441271ce2dc1291a4913cb0783e72d1a1d47964daa59e5ef4d1e0a815607ec3b6a9714ea95ed6082f86c2d08d68d53dcb1d9920e162c3619a8658e0a6
SSDEEP

6144:s7GooCvhOjYHHA//VAjiHd4vBhB97ozpL:eGojxA3VAjiHdWhU

Score

N/A

Malware Config

Signatures

Files

056d3294582157265c0a86e7325cb43daec9e4985cd96e56cf960bf3531def6c
.exe windows x86

24f2ca5d00b27c78361ce89afe2be1fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFileTimeToFileTime
MoveFileA
SetUnhandledExceptionFilter
WideCharToMultiByte
LocalAlloc
lstrlenW
MultiByteToWideChar
QueryPerformanceCounter
GetEnvironmentVariableA
GlobalReAlloc
LoadResource
GetCurrentProcess
lstrcmpA
OutputDebugStringA
GetStdHandle
GetThreadLocale
GetUserDefaultLangID
EnumCalendarInfoA
CopyFileA
FreeEnvironmentStringsA
GetLocaleInfoW
GetWindowsDirectoryA
GetVersion
FormatMessageA
GetOEMCP
VirtualProtect
IsDebuggerPresent
GetCurrentProcessId
lstrcatA
IsBadWritePtr
GetACP
InterlockedDecrement
GetExitCodeProcess
FlushFileBuffers
GetModuleHandleA
IsValidCodePage
GetCommandLineW
GetCurrentThreadId
GetTempPathA
GetSystemInfo
GetLastError
GetVersionExW
GlobalUnlock
lstrcmpiA
GetDriveTypeA
DeleteFileW
GetFileTime
GetModuleHandleW
DeleteFileA

msvcrt

__p___initenv
strncmp
fflush
_write
__p__commode
atexit
_exit
getenv
__p__environ
malloc
fputc
_controlfp
realloc
fopen
free
__set_app_type
__getmainargs
_snprintf
_adjust_fdiv
_initterm
_onexit
fputs
strncpy
_XcptFilter
wcslen
__p__fmode
_except_handler3
signal
__dllonexit
__setusermatherr
strcpy
memmove
exit
fclose
strchr
_errno

advapi32

RegQueryValueA
CryptGenRandom
CloseServiceHandle
RegEnumKeyExW
InitiateSystemShutdownA
RegDeleteKeyA
RegCreateKeyA
CopySid
CryptAcquireContextA
AllocateAndInitializeSid
SetSecurityDescriptorDacl
OpenServiceA
RegQueryValueExW
ControlService
RegCloseKey
GetSecurityDescriptorDacl
RegEnumKeyA
RegEnumKeyW
DeregisterEventSource
RegQueryInfoKeyA
IsValidSid
CheckTokenMembership
QueryServiceStatus
OpenThreadToken
RegSetValueExW
RegCreateKeyExA

user32

FrameRect
GetSystemMetrics
GetScrollPos
ShowCursor
CharNextA
InvalidateRect
GetLastActivePopup
GetSysColor
WaitMessage
GetWindowTextA
WinHelpA
ScrollWindow
GetSystemMenu
RegisterWindowMessageA
GetMessagePos
IsRectEmpty
MapWindowPoints
ShowWindow
GetWindowLongA
GetDesktopWindow
MessageBeep
IsIconic
DrawIconEx
GetForegroundWindow
GetCapture
DrawTextA
GetDCEx
DeleteMenu
GetWindowPlacement
GetKeyState
ReleaseDC
GetSysColorBrush
wsprintfA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24f2ca5d00b27c78361ce89afe2be1fa

Headers

File Characteristics

Imports

kernel32

msvcrt

advapi32

user32

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 145KB - Virtual size: 145KB

.data Size: 51KB - Virtual size: 50KB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 145KB - Virtual size: 145KB

.data
Size: 51KB - Virtual size: 50KB

.rsrc
Size: 32KB - Virtual size: 31KB