8f8e885f089f66a557222007da30b8bf56c6e9e1a8255011fcb3e927bd8ea97a

Sharing

Copy URL Twitter E-mail

General

Target

8f8e885f089f66a557222007da30b8bf56c6e9e1a8255011fcb3e927bd8ea97a
Size

197KB
MD5

065a60d052f20eee89b5a1bf5e99b911
SHA1

fdec8df28bd4d4ebfde22242b56042c1abe417f1
SHA256

8f8e885f089f66a557222007da30b8bf56c6e9e1a8255011fcb3e927bd8ea97a
SHA512

5e2a74b225f1d6d1f5997cbf486bd558ab1ca0a2bc487f29fbde4584fb96dac139bbe894c0e92c9c1a46bb5b9974e50fc1d1f7b4d29fb647cf4e2e54b7221338
SSDEEP

6144:1oXPJK29tetnHBNeivkMhz5s8YNt5Y3U2sp2k/zWNA:if9tmNei9vhYr5YkHp2k/zWNA

Score

N/A

Malware Config

Signatures

Files

8f8e885f089f66a557222007da30b8bf56c6e9e1a8255011fcb3e927bd8ea97a
.exe windows x86

282ab689f53d75a8dd9a1879b7847878

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
GetWindowsDirectoryA
GetTempPathA
SetCurrentDirectoryA
FormatMessageA
GlobalUnlock
CopyFileA
GlobalFree
SetFilePointer
GetCurrentProcessId
GetCommandLineW
IsDebuggerPresent
CompareStringA
LCMapStringW
LoadLibraryA
RtlUnwind
lstrcmpA
lstrcpynA
MulDiv
GetProcessHeap
GetTempPathW
WaitForSingleObject
SetHandleCount
LocalFree
GetStringTypeA
RemoveDirectoryA
VirtualQuery
GetUserDefaultLangID
GetCurrentProcess
GetFullPathNameA
GetLocalTime
GetSystemTimeAsFileTime
GetACP
lstrcmpiW
VirtualProtect
GetEnvironmentStringsW
GetStdHandle
DeleteFileW
SetUnhandledExceptionFilter
SetErrorMode
GetSystemTime
RaiseException
QueryPerformanceCounter
lstrcmpiA
ExitProcess
GetCurrentThreadId
CopyFileW
GetProcAddress
DeleteFileA
GetCurrentThread
GlobalAlloc
lstrlenA
GetDriveTypeA
GetFileAttributesA
GetStartupInfoA
GetModuleHandleA
InterlockedCompareExchange
GetConsoleOutputCP
GetOEMCP
GetModuleHandleW
InterlockedIncrement
lstrlenW
GetEnvironmentStrings
GetVersion

msvcrt

__p__commode
__p__fmode
__setusermatherr
__p___initenv
_controlfp
_except_handler3
_initterm
_exit
__set_app_type
_adjust_fdiv
_XcptFilter
__getmainargs

user32

GetSystemMetrics
MessageBoxA
GetKeyState
EnableWindow
GetWindowPlacement
LoadIconA
GetClassInfoA
RegisterClassA
IsIconic
UnregisterClassA
KillTimer
PostMessageA
InvalidateRect
IsWindowEnabled
DrawTextA
CallWindowProcA
SetCursor
MapWindowPoints
BeginPaint
CreateWindowExA
GetCursorPos
GetMenu
GetWindowTextA
GetMenuItemCount
TranslateMessage
FillRect
ShowWindow
DestroyMenu
ClientToScreen

advapi32

CryptReleaseContext
RegQueryInfoKeyW
RegSetValueExW
OpenSCManagerA
CryptHashData
RegDeleteKeyA
DeleteService
RegEnumValueA
InitializeAcl
CheckTokenMembership
ControlService
RegDeleteValueW
CloseServiceHandle
QueryServiceStatus
RegDeleteKeyW
RegOpenKeyExW
CryptGenRandom
RegQueryValueA
OpenServiceW
SetSecurityDescriptorOwner
GetSecurityDescriptorDacl
CryptAcquireContextA
SetSecurityDescriptorGroup
AdjustTokenPrivileges
GetLengthSid
EqualSid
RegEnumKeyExA
CryptDestroyHash
RegCreateKeyExW
GetTokenInformation

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

282ab689f53d75a8dd9a1879b7847878

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 61KB - Virtual size: 102KB

.rsrc Size: 115KB - Virtual size: 115KB

.reloc Size: 1024B - Virtual size: 620B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 61KB - Virtual size: 102KB

.rsrc
Size: 115KB - Virtual size: 115KB

.reloc
Size: 1024B - Virtual size: 620B