be2b5d515abf799d32e1483e4eb73517c5d71664a336efc503a14cd3fa7e83ee

Sharing

Copy URL Twitter E-mail

General

Target

be2b5d515abf799d32e1483e4eb73517c5d71664a336efc503a14cd3fa7e83ee
Size

112KB
MD5

06378fcc8242a9c0e5b788c912e4ca98
SHA1

585a32cbb6abb96c91d019771d753c9015819344
SHA256

be2b5d515abf799d32e1483e4eb73517c5d71664a336efc503a14cd3fa7e83ee
SHA512

c8f8777311b5c085337dd37ff987230330dae7156f3219684af986c8fffd21dbf6f943a0f7e8acec6ff4c2bbc3103bc813dddf4e1f0a89aa48d76af08ac4fcfb
SSDEEP

1536:Pi3jZG7uXVy5Nx813/o48KiaxLjCFq6HNbX18zhHqRrWOi7bh5Qh9b0BrXRZJr7D:Pi3+uXVwYg48r9fNB89HKrNKNX3D

Score

N/A

Malware Config

Signatures

Files

be2b5d515abf799d32e1483e4eb73517c5d71664a336efc503a14cd3fa7e83ee
.exe windows x86

80af8c9f1ad7eaabe5b9cc8a819e72b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetDiskFreeSpaceA
InterlockedDecrement
GetThreadLocale
CopyFileW
GetModuleHandleW
GetStringTypeA
GlobalReAlloc
InterlockedExchange
lstrcpyA
GetSystemTime
GetConsoleOutputCP
GetModuleHandleA
GetSystemInfo
SetHandleCount
SystemTimeToFileTime
VirtualProtect
GetFileType
DeleteFileA
Sleep
WaitForMultipleObjects
GetExitCodeProcess
LocalFileTimeToFileTime
GetFileAttributesA
GetCurrentDirectoryA
lstrlenA
SetCurrentDirectoryA
SetFilePointer
CompareStringW
GetUserDefaultLangID
LoadResource
GetFullPathNameA
GetLocaleInfoW
GetFileAttributesW
ExpandEnvironmentStringsA
WaitForSingleObject
lstrcmpA
GetTempPathA
IsValidCodePage
QueryPerformanceCounter
GetShortPathNameA
IsDebuggerPresent
RtlUnwind
GetCurrentProcessId
GetSystemDirectoryA
GetCurrentThread
GetEnvironmentStringsW
CreateDirectoryA
GetCPInfo
SetUnhandledExceptionFilter
VirtualQuery
MulDiv
GetSystemDefaultLCID
GetTempPathW
VirtualFree
CreateFileMappingA
FileTimeToDosDateTime
GetCommandLineA

msvcrt

_exit
_initterm
__p___initenv
_controlfp
_XcptFilter
__setusermatherr
_except_handler3
__getmainargs
__p__fmode
_adjust_fdiv
__p__commode
__set_app_type

user32

GetWindowThreadProcessId
GetMessageA
GetSystemMetrics
DeleteMenu
GetFocus
EnableMenuItem
FillRect
DrawFrameControl
ShowCursor
TranslateMessage
PeekMessageA
GetMenuItemID
ShowOwnedPopups
LoadCursorA
GetForegroundWindow
GetSysColorBrush
GetClassInfoA
PostMessageA
GetMenuStringA
SetWindowPlacement
SetWindowTextA
MessageBoxA
CharLowerA
DialogBoxParamA
TrackPopupMenu
DrawTextA
DestroyIcon
EnableWindow
GetParent
PtInRect
GetKeyboardType
InsertMenuA
GetWindowPlacement
GetMessagePos
CharNextA
ReleaseDC
SetScrollInfo
MapWindowPoints
RegisterClassA
SetPropA

advapi32

RegQueryValueExW
RegOpenKeyExW
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyA
RegOpenKeyA
SetSecurityDescriptorGroup
OpenProcessToken
DeregisterEventSource
RegSetValueExA
CloseServiceHandle
AllocateAndInitializeSid
RegDeleteValueW
AdjustTokenPrivileges
OpenSCManagerA
RegEnumKeyExW
RegQueryValueExA
CryptGenRandom
CopySid
RegFlushKey
RegDeleteValueA
RegQueryInfoKeyW
RegEnumKeyA
RegEnumKeyW
OpenThreadToken
RegDeleteKeyW
OpenServiceA
InitiateSystemShutdownA
LookupPrivilegeValueW

Sections

.text
Size: 1024B - Virtual size: 812B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80af8c9f1ad7eaabe5b9cc8a819e72b7

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

Sections

.text Size: 1024B - Virtual size: 812B

.rdata Size: 55KB - Virtual size: 55KB

.data Size: 20KB - Virtual size: 20KB

.rsrc Size: 34KB - Virtual size: 33KB

.text
Size: 1024B - Virtual size: 812B

.rdata
Size: 55KB - Virtual size: 55KB

.data
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 34KB - Virtual size: 33KB