722d5d3cafc5dd14f7437b6766abb9ba0b251c4d69db069eef66b6a754ae94be

Sharing

Copy URL Twitter E-mail

General

Target

722d5d3cafc5dd14f7437b6766abb9ba0b251c4d69db069eef66b6a754ae94be
Size

137KB
MD5

0ed87d55d8e067ec9245c75ed24fc260
SHA1

a823fa163531cd7b4bb89fe638bf4636b28dfbee
SHA256

722d5d3cafc5dd14f7437b6766abb9ba0b251c4d69db069eef66b6a754ae94be
SHA512

ccb192097db32030722bdc3be1f2993601cc88d959e255be6742d00a099f408b176b0bca9fc1dcd7ec0f908e48e542f5ef28e6ae28502d1fc3ce38aa5ca22488
SSDEEP

1536:2Raod0EvTmy+ikMvUB/FCETh0ftO3+bvFRRHs+njjZ/BD85uT:2vd/vCYy90FO3+bvFRRHs+jj+uT

Score

N/A

Malware Config

Signatures

Files

722d5d3cafc5dd14f7437b6766abb9ba0b251c4d69db069eef66b6a754ae94be
.exe windows x86

554882e25eb38045e662a01aa3589204

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
HeapFree
MoveFileExW
GetModuleFileNameW
SetLastError
GetLastError
lstrcmpW
DeleteFileA
SetThreadExecutionState
CloseHandle
CreateProcessW
GetWindowsDirectoryW
GetProcessHeap
GetModuleHandleA
GetStartupInfoA
OutputDebugStringW
CreateFileA
CreateMutexA
GetComputerNameW
SetFileAttributesA
SetFilePointer
GetCurrentThreadId
GetVersionExA
InitializeCriticalSection
DeleteCriticalSection
HeapReAlloc
HeapAlloc
ExitProcess
SetEvent
CreateEventA
FormatMessageW
ReadFile
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
lstrcmpiW
lstrcpyW
CopyFileW
lstrcpynW
lstrlenW
Sleep
DeleteFileW
GetSystemTimeAsFileTime
ExpandEnvironmentStringsW
CreateFileW
GlobalAlloc
VirtualAlloc

user32

GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
SendMessageW
DdeAddData
DdeCreateDataHandle
CloseClipboard
GetClipboardData
OpenClipboard
DdePostAdvise
DdeClientTransaction
InvalidateRect
ReleaseDC
GetDC
FlashWindow
SetTimer
PostMessageW
DdeCreateStringHandleW
DdeFreeStringHandle
SetWindowTextW
wsprintfW
DdeQueryStringW
CheckDlgButton
SendDlgItemMessageW
GetSysColor
LoadStringW
GetSystemMetrics
LoadIconW
LoadCursorA
LoadIconA

msvcrt

wcsncpy
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
__winitenv
exit
_XcptFilter
_exit
_c_exit
_wcslwr
wcsstr
_wfopen
fclose
_wfullpath
_wsplitpath
swprintf
_ftol
_ltow
floor
fwprintf
_cexit

advapi32

OpenSCManagerW
QueryServiceConfigW
QueryServiceStatus
LsaClose
LsaOpenPolicy
RegQueryValueExA
RegOpenKeyExA
RegQueryValueExW

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 512B - Virtual size: 199B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

554882e25eb38045e662a01aa3589204

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

Sections

.text Size: 106KB - Virtual size: 105KB

.data Size: 4KB - Virtual size: 4KB

.data3 Size: 11KB - Virtual size: 11KB

.data2 Size: 512B - Virtual size: 199B

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 106KB - Virtual size: 105KB

.data
Size: 4KB - Virtual size: 4KB

.data3
Size: 11KB - Virtual size: 11KB

.data2
Size: 512B - Virtual size: 199B

.rsrc
Size: 14KB - Virtual size: 14KB