16f958339ea4ab664eb16c3b64ba047128913cb92750afd77691e1d1f0a6a384

General

Target

16f958339ea4ab664eb16c3b64ba047128913cb92750afd77691e1d1f0a6a384
Size

789KB
MD5

31ab5810ee3e59ad3727ba904959b720
SHA1

be730ab2f75ec14c1a5a221832728a7a8173e2b3
SHA256

16f958339ea4ab664eb16c3b64ba047128913cb92750afd77691e1d1f0a6a384
SHA512

2beab2868f94033097e508624598962cab9fb89a51756633094adecbb3e5bccf5075a4c32bc9ba3867a3c796bf154105f314f0c469e87b035c2749aeb61c94ff
SSDEEP

24576:EfTQ/nluph1cQoOiz0nEk9ym0PhWVFgRa:mTQ/cphQz+Ek9ydhaoa

Score

N/A

Malware Config

Signatures

Files

16f958339ea4ab664eb16c3b64ba047128913cb92750afd77691e1d1f0a6a384
.exe windows x86

137dc54d33f786087e0a5eec92c1e652

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FindAtomW
GetStringTypeW
GetLogicalDrives
LoadLibraryW
GetLastError
DeleteFileW
CloseHandle
GetDriveTypeA
lstrlenA
TlsGetValue
PulseEvent
Sleep
GetPrivateProfileSectionA
ReadConsoleA
HeapSize
ReadConsoleA
SearchPathA
GetStartupInfoA
ReleaseMutex
ReadConsoleA
VirtualProtectEx

uxtheme

GetWindowTheme
GetThemeColor
DrawThemeEdge
IsThemeActive
GetThemeBool
GetThemeTextMetrics
GetThemeSysSize
CloseThemeData
SetWindowTheme
GetThemeTextExtent
CloseThemeData
DrawThemeBackground
OpenThemeData

gpedit

ExportRSoPData
BrowseForGPO
DllGetClassObject
DllCanUnloadNow

Sections

.text
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 1.4MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 781KB - Virtual size: 781KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 289B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

137dc54d33f786087e0a5eec92c1e652

Headers

File Characteristics

Imports

kernel32

uxtheme

gpedit

Sections

.text Size: 1024B - Virtual size: 1024B

.data Size: 4KB - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 1.4MB

.rsrc Size: 781KB - Virtual size: 781KB

.import Size: 512B - Virtual size: 289B

.orpc Size: 512B - Virtual size: 136B

.text
Size: 1024B - Virtual size: 1024B

.data
Size: 4KB - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 1.4MB

.rsrc
Size: 781KB - Virtual size: 781KB

.import
Size: 512B - Virtual size: 289B

.orpc
Size: 512B - Virtual size: 136B