d291cc506afea5e007405dfb525051fd12716bc1a2f88bf64a692f72acc1a760

Sharing

Copy URL Twitter E-mail

General

Target

d291cc506afea5e007405dfb525051fd12716bc1a2f88bf64a692f72acc1a760
Size

268KB
MD5

04cb7fb805fb1f725a31bf6ece08845e
SHA1

96268796d39f8b516f41d70600ea38bea7d8022e
SHA256

d291cc506afea5e007405dfb525051fd12716bc1a2f88bf64a692f72acc1a760
SHA512

60dcbe1d0a4b76139280b48793d53c2f38a0966401843d819fea3a3108f272d85aec001c2a71a2ee83135982b8483d0c98af8a8802259052e8b726c8357de58c
SSDEEP

6144:fwDj6X+H45IdyctYrT7/PsW8EZd40seWs9Zxip:IDj6X+YmbtYLPsfEHlWs9ap

Score

N/A

Malware Config

Signatures

Files

d291cc506afea5e007405dfb525051fd12716bc1a2f88bf64a692f72acc1a760
.exe windows x86

6a6521113ada0ab6ae55447aed9bd454

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetCurrentProcess
FlushInstructionCache
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
GetSystemDirectoryA
EnterCriticalSection
GetCurrentThreadId
LeaveCriticalSection
LoadLibraryA
VirtualProtect
SetLastError
lstrcmpiA
ReadProcessMemory
WideCharToMultiByte
InterlockedDecrement
TerminateProcess
GetStartupInfoA
DeviceIoControl
GetLongPathNameW
lstrlenW
InterlockedIncrement
GetProcAddress
FreeLibrary
GetProcessHeap
HeapAlloc
HeapFree
OpenProcess
CloseHandle
RemoveDirectoryA
FindNextFileA
GetTickCount
MoveFileA
GetWindowsDirectoryA
ReadFile
GetShortPathNameA
SetFileAttributesA
DeleteFileA
GetTempPathA
GetTempFileNameA
MoveFileExA
FindFirstFileA
FindClose
GetEnvironmentVariableA
SetFilePointer
GetFileSize
CreateFileA
GetLastError
LocalFree
SearchPathW
GetFileAttributesA
GetCurrentProcessId
GetModuleHandleA
GetVersionExA
GetVolumeInformationA
LoadLibraryExW
MultiByteToWideChar

user32

MapWindowPoints
LoadStringA
MessageBoxA
PostMessageA
FindWindowExA
BeginPaint
DispatchMessageA
ScreenToClient
DrawTextA
EndPaint
PostQuitMessage
GetWindowLongA
GetParent
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
GetDlgItem
SetWindowPos
GetSystemMetrics
LoadImageA
SendMessageA
SetDlgItemTextA
IsDialogMessageA
SetWindowLongA
DefWindowProcA
DestroyWindow
CreateDialogParamA
TranslateMessage
ShowWindow
PeekMessageA
GetMessageA

gdi32

SelectObject
SetBkMode
SetTextColor
GetStockObject

shell32

ShellExecuteA
CommandLineToArgvW

ole32

CoInitialize
CoUninitialize

comctl32

InitCommonControlsEx

msvcrt

_controlfp
memcpy
_onexit
__dllonexit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_mbstok
_vsnprintf
fputs
strrchr
_except_handler3
fopen
rewind
_strnicmp
fseek
fprintf
fclose
_osver
??2@YAPAXI@Z
memmove
realloc
free
__CxxFrameHandler
fgets

shlwapi

SHSetValueA
StrCmpNIA
PathAppendA
PathIsDirectoryA
StrStrIW
SHDeleteValueA
StrStrIA
PathCombineA
PathFileExistsA
SHGetValueA
StrChrW
SHDeleteKeyA

psapi

GetModuleInformation

advapi32

SetEntriesInAclA
RegCloseKey
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CloseServiceHandle
ControlService
ChangeServiceConfigA
OpenServiceA
OpenSCManagerA
RegQueryValueExA
BuildExplicitAccessWithNameA
DeleteAce
GetExplicitEntriesFromAclA
GetUserNameA
GetNamedSecurityInfoA
SetNamedSecurityInfoA

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tc
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6a6521113ada0ab6ae55447aed9bd454

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

comctl32

msvcrt

shlwapi

psapi

advapi32

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 12KB - Virtual size: 10KB

.tc Size: 196KB - Virtual size: 196KB

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 12KB - Virtual size: 10KB

.tc
Size: 196KB - Virtual size: 196KB