781a821b49fcbe421b1d752af1bb864042fa958e7df590aa91bb48ecc114ccea

Sharing

Copy URL Twitter E-mail

General

Target

781a821b49fcbe421b1d752af1bb864042fa958e7df590aa91bb48ecc114ccea
Size

652KB
MD5

80f18060353d5b82d07573f0bc4c5268
SHA1

f2ddbf47276b1e517923561ff720881c2677e740
SHA256

781a821b49fcbe421b1d752af1bb864042fa958e7df590aa91bb48ecc114ccea
SHA512

56cc3f05e6e9c60b49767f37b450939c7a1b52a6bf3e7d4dcdae97173b635da4cbeba83684116e33ee8279aea2247f9c916ba42f10896a198630e7f32409fc3c
SSDEEP

3072:xaSEaUS6VmflWMZact6fjWmTLxy3iUbDKRm+WrJ9Nzausjl3q:aQbZP6fNxhUbDKMtJ9NzauGVq

Score

N/A

Malware Config

Signatures

Files

781a821b49fcbe421b1d752af1bb864042fa958e7df590aa91bb48ecc114ccea
.exe windows x86

f83431f0acf627aa592684eb4058884e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
FindResourceA
FindResourceExA
FindClose
FindFirstFileA
GetCurrentDirectoryA
GetWindowsDirectoryA
GetLastError
GetCurrentProcess
CloseHandle
WriteFile
GetLogicalDrives
SetFileAttributesA
DeleteFileA
WritePrivateProfileStringA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemTime
CreateDirectoryA
LockResource
GetTickCount
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
FlushFileBuffers
SetStdHandle
LCMapStringW
LCMapStringA
VirtualQuery
GetSystemInfo
VirtualProtect
SetFilePointer
GetCPInfo
GetOEMCP
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
LoadLibraryA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
GetProcessHeap
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
HeapSize
TerminateProcess
GetProcAddress
SizeofResource
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
MoveFileExA
InterlockedExchange
IsBadWritePtr
HeapReAlloc
ExitProcess
RaiseException
HeapAlloc
HeapFree
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc

user32

LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
LoadIconA
LoadCursorA
RegisterClassExA
BeginPaint
EndPaint
PostQuitMessage
DefWindowProcA
DialogBoxParamA
EndDialog
CreateWindowExA
MessageBoxA
CreateDialogParamA
ShowWindow
EnableWindow
SetDlgItemTextA
GetParent
PostMessageA
GetDlgItemTextA
DestroyWindow
GetDlgItem
SendMessageA
DispatchMessageA

advapi32

RegOpenKeyA
RegSetValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
InitiateSystemShutdownA
RegDeleteValueA

shell32

SHFileOperationA

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 388KB - Virtual size: 386KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tc
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f83431f0acf627aa592684eb4058884e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 388KB - Virtual size: 386KB

.tc Size: 212KB - Virtual size: 212KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 388KB - Virtual size: 386KB

.tc
Size: 212KB - Virtual size: 212KB