1b79381be38900ac2618ce1ad464fc27f8a1b887ffb6bf584b3391e9ef301e39

Sharing

Copy URL Twitter E-mail

General

Target

1b79381be38900ac2618ce1ad464fc27f8a1b887ffb6bf584b3391e9ef301e39
Size

124KB
MD5

36f314c904b430f1e9dcc7094fb69d40
SHA1

788074e27071016243369c6405b07822b82aff41
SHA256

1b79381be38900ac2618ce1ad464fc27f8a1b887ffb6bf584b3391e9ef301e39
SHA512

6f82fdd579b9f87150ee6f547b8db4c91645557118e4745a22dadbe6f9246b4173eb85ecb87b6c2e6758a3289a9120f39c5d38c9e82240c51841bc0a0251ea6f
SSDEEP

3072:sELzfVBZGlbg7Bvpp+3CD3/rZmgIrzEwfxTCYmqPHm:sELzfVBgl8V7+3w/g3rA6xTQGHm

Score

N/A

Malware Config

Signatures

Files

1b79381be38900ac2618ce1ad464fc27f8a1b887ffb6bf584b3391e9ef301e39
.exe windows x86

6e892ba9a1dc1949f4bacdab096eb39c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetDiskFreeSpaceA
GetDriveTypeA
GetExitCodeProcess
GetFileTime
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetNamedPipeInfo
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetProcessShutdownParameters
GetShortPathNameA
GetStartupInfoA
GetSystemDirectoryA
GetSystemInfo
GetTempFileNameA
GetTempPathA
GetVersion
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
Heap32ListFirst
IsProcessorFeaturePresent
LoadLibraryA
LoadLibraryExA
LoadResource
FreeResource
LocalFileTimeToFileTime
LocalFree
LocalHandle
LockResource
MulDiv
ReadConsoleOutputAttribute
RemoveDirectoryA
ResetEvent
RtlUnwind
SetCurrentDirectoryA
SetEvent
SetFileApisToANSI
SetFilePointer
SetFileTime
SetProcessPriorityBoost
SetThreadPriority
SizeofResource
TerminateJobObject
TerminateThread
Toolhelp32ReadProcessMemory
VirtualAlloc
VirtualFree
VirtualProtectEx
WaitForSingleObject
WriteFile
WritePrivateProfileStringA
_lclose
_llseek
_lopen
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
FormatMessageA
FreeLibrary
FindResourceA
FindNextFileA
FindFirstFileA
FindClose
ExpandEnvironmentStringsA
ExitProcess
DeleteTimerQueueEx
DeleteFileA
CreateThread
CreateProcessA
CreateEventA
CreateDirectoryA
CloseHandle
LocalAlloc
AllocConsole

gdi32

GetDeviceCaps

advapi32

RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
GetTokenInformation
FreeSid
EqualSid
AllocateAndInitializeSid
AdjustTokenPrivileges
RegSetValueExA

user32

CallWindowProcA
CharNextA
CharPrevA
CharUpperA
DialogBoxIndirectParamA
DispatchMessageA
EnableWindow
EndDialog
ExitWindowsEx
GetDC
GetDesktopWindow
GetDlgItem
GetDlgItemTextA
GetWindowLongA
GetWindowRect
LoadStringA
MessageBeep
MessageBoxA
MsgWaitForMultipleObjects
PeekMessageA
ReleaseDC
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetForegroundWindow
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
wsprintfA

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e892ba9a1dc1949f4bacdab096eb39c

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

user32

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 17KB - Virtual size: 18KB

.rsrc Size: 512B - Virtual size: 188B

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 17KB - Virtual size: 18KB

.rsrc
Size: 512B - Virtual size: 188B