d12899e68fd739a9c944c034a98b90e99c7dc89143093e8600a8c6d4778ce798

Sharing

Copy URL

Twitter E-mail

General

Target

d12899e68fd739a9c944c034a98b90e99c7dc89143093e8600a8c6d4778ce798
Size

216KB
MD5

0f2e4b155f2857a80dc325b7a7b79f61
SHA1

d566035c49966bf4344bd1cd54eb6a52f5b83aed
SHA256

d12899e68fd739a9c944c034a98b90e99c7dc89143093e8600a8c6d4778ce798
SHA512

07e50d190dc2a8e429ee7ec34260502322882ac0565a453662b724a394cfd71234cba59aaac5874d66e724af02ce5b66535413f8b372e617c97a2614c06f6657
SSDEEP

6144:YItxogSWgawEHyuKRo560rNqQWe8m1LQd7LG6XOKsW:YItxlPhQNRo53r0S1LOXOKT

Score

N/A

Malware Config

Signatures

Files

d12899e68fd739a9c944c034a98b90e99c7dc89143093e8600a8c6d4778ce798
.exe windows x86

f0291de02b0c8c7475394a83fe9fc8a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateGuid
CoUninitialize
CoInitializeEx
StringFromGUID2
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoTaskMemRealloc
CoCreateInstance

kernel32

DeleteCriticalSection
lstrcpyA
GetCurrentProcess
OpenProcess
GetExitCodeProcess
GetExitCodeThread
DuplicateHandle
CloseHandle
Sleep
GetProcAddress
CreateEventA
GetCurrentThreadId
GetCurrentProcessId
HeapAlloc
HeapFree
GetProcessHeap
ExitProcess
lstrlenA
GetWindowsDirectoryA
GetFileAttributesA
lstrcatA
CopyFileA
GetModuleFileNameA
DeleteFileA
WaitForSingleObject
CreateMutexA
ResumeThread
CreateThread
TerminateThread
FindResourceA
GetLocaleInfoA
lstrcpynA
LoadResource
InterlockedIncrement
InterlockedDecrement
GetSystemTimeAsFileTime
GetCommandLineA
SizeofResource
IsDBCSLeadByte
GetACP
MultiByteToWideChar
RaiseException
InterlockedExchange
GetLastError
SetLastError
GetThreadLocale
GetModuleHandleA
LoadLibraryExA
GetVersionExA
GlobalSize
GlobalAlloc
GlobalFree
CreateFileA
WriteFile
FindResourceExA
LockResource
LoadLibraryA
CreateDirectoryA
GetTempPathA
GetVolumeInformationA
GetLocalTime
GlobalDeleteAtom
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
GetThreadContext
SetThreadContext
CreateProcessA
FlushInstructionCache
GetShortPathNameA
VirtualProtectEx
WriteProcessMemory
SetFilePointer
SetFileTime
ReadFile
GetFileTime
TerminateProcess
Process32First
Process32Next
CreateToolhelp32Snapshot
VirtualFree
VirtualAlloc
GetTimeFormatA
GetDateFormatA
FileTimeToSystemTime
GetFileAttributesExA
GetStartupInfoA
VirtualProtect
GetSystemInfo
VirtualQuery
HeapReAlloc
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
HeapDestroy
HeapCreate
IsBadWritePtr
HeapSize
GetOEMCP
GetCPInfo
RtlUnwind
GetStringTypeA
GetStringTypeW
QueryPerformanceCounter
LCMapStringA
LCMapStringW
SetStdHandle
FlushFileBuffers
LocalFree
EnterCriticalSection
lstrcmpiA
lstrlenW
LeaveCriticalSection
WideCharToMultiByte
InitializeCriticalSection
FreeLibrary
lstrcmpA
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetTickCount
VirtualFreeEx

user32

MsgWaitForMultipleObjects
CharNextA
TranslateMessage
GetMessageA
SetTimer
IsChild
KillTimer
IsWindowEnabled
SetWinEventHook
wsprintfA
EnumWindows
GetWindowLongA
GetDesktopWindow
IsWindowVisible
GetWindowModuleFileNameA
GetWindowThreadProcessId
wvsprintfA
DispatchMessageA

advapi32

AdjustTokenPrivileges
RegQueryValueExA
RegCloseKey
RegDeleteValueA
RegQueryInfoKeyA
RegSetValueExA
RegDeleteKeyA
RegEnumKeyExA
RegCreateKeyExA
RegOpenKeyExA

oleaut32

VarBstrCat
SysAllocStringByteLen
SysStringLen
VarUI4FromStr
SysFreeString
VariantInit
VariantClear
SysStringByteLen
SysAllocString
SysAllocStringLen

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 88KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f0291de02b0c8c7475394a83fe9fc8a5

Headers

File Characteristics

Imports

ole32

kernel32

user32

advapi32

oleaut32

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 88KB - Virtual size: 98KB

.rsrc Size: 4KB - Virtual size: 512B

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 88KB - Virtual size: 98KB

.rsrc
Size: 4KB - Virtual size: 512B

.reloc
Size: 12KB - Virtual size: 9KB