67b9037fee0e2b96572697304c14f5487364d409df5aaecb9188658c1fb9b7fb

Sharing

Copy URL Twitter E-mail

General

Target

67b9037fee0e2b96572697304c14f5487364d409df5aaecb9188658c1fb9b7fb
Size

236KB
MD5

0f43cf4c044045bea38df126f9f74d60
SHA1

d8264fa10865730ae5603850bb9d74a05eee9858
SHA256

67b9037fee0e2b96572697304c14f5487364d409df5aaecb9188658c1fb9b7fb
SHA512

d478633f0cd22d0bb83ebf606241737f14a2a039f0a5fe7ee1d1afcadcaaa946681ce73d59e6f9ee2d31c6f192882c31183ad868c511ff4ff3d57673653f01e2
SSDEEP

3072:+wzuNOi5F9oboo8cHjc1LLWEBuMNvkJnTpkohJhWjMSZNvnMmBxev7l5AoXWqcCy:kNZz1WEB5Nv+VkohJhWjNZMPHWqcr

Score

N/A

Malware Config

Signatures

Files

67b9037fee0e2b96572697304c14f5487364d409df5aaecb9188658c1fb9b7fb
.exe windows x86

da5665095c79c570d2c8dd87d4add751

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetExitCodeProcess
LCMapStringW
FileTimeToSystemTime
SetFileTime
IsBadReadPtr
VirtualProtect
CopyFileA
GetEnvironmentStrings
InterlockedCompareExchange
GetSystemTime
GetFileAttributesA
SystemTimeToFileTime
GetOEMCP
LoadResource
GetACP
SetFileAttributesW
GetModuleHandleA
GetUserDefaultLangID
GetTempPathA
GetModuleFileNameA
GetModuleHandleW
GetConsoleOutputCP
InterlockedExchange
SetFileAttributesA
GetEnvironmentStringsW
WaitForMultipleObjects
GetCurrentProcess
GetFileType
InterlockedIncrement
GlobalReAlloc
GetTempPathW
DeleteFileA
ExitProcess
GetCommandLineA
GlobalHandle
GetLocaleInfoW
GetThreadLocale
IsDBCSLeadByte
GlobalUnlock
CopyFileW
SetEnvironmentVariableA
GetCurrentProcessId
lstrlenA
CreateProcessW
GetCurrentThread
FormatMessageA

msvcrt

__p__commode
__setusermatherr
_exit
__getmainargs
_XcptFilter
_adjust_fdiv
_initterm
_except_handler3
__p___initenv
__set_app_type
_controlfp
__p__fmode

user32

GetDC
IsDialogMessageA
GetCursorPos
OpenClipboard
SetActiveWindow
CreatePopupMenu
GetWindowTextA
ShowWindow
SetClipboardData
RedrawWindow
OemToCharA
RegisterClipboardFormatA
EnableWindow
CheckMenuItem
DestroyMenu
DrawTextA
DestroyIcon
GetMessageA
GetDesktopWindow
GetFocus
GetLastActivePopup
IsZoomed
PostMessageA
ReleaseDC
GetWindow
EnumThreadWindows
GetSystemMetrics
GetIconInfo
DrawEdge
GetSysColor
GetMenuItemID
LoadStringA
MapWindowPoints
SystemParametersInfoA
GetForegroundWindow
DialogBoxParamA
GetMenuStringA
GetClientRect
EnableMenuItem
GetClassInfoA
RegisterClassA
SetScrollRange

advapi32

RegEnumKeyExW
CloseServiceHandle
CryptAcquireContextA
RegOpenKeyA
RegEnumValueW
RegCloseKey
RegCreateKeyA
RegOpenKeyW
ControlService
RegFlushKey
RegSetValueExW
SetSecurityDescriptorDacl
OpenServiceA
OpenThreadToken
IsValidSid
RegEnumKeyA
DeregisterEventSource
EqualSid
InitializeAcl
CheckTokenMembership
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyExA
CryptCreateHash
CryptGenRandom
OpenSCManagerW
OpenServiceW
GetTokenInformation
RegOpenKeyExW
RegEnumKeyW
LookupPrivilegeValueA
RevertToSelf
SetSecurityDescriptorGroup
CryptDestroyHash
GetSecurityDescriptorDacl
RegSetValueExA

Sections

.text
Size: 1024B - Virtual size: 790B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da5665095c79c570d2c8dd87d4add751

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

Sections

.text Size: 1024B - Virtual size: 790B

.rdata Size: 146KB - Virtual size: 145KB

.data Size: 51KB - Virtual size: 50KB

.rsrc Size: 36KB - Virtual size: 36KB

.text
Size: 1024B - Virtual size: 790B

.rdata
Size: 146KB - Virtual size: 145KB

.data
Size: 51KB - Virtual size: 50KB

.rsrc
Size: 36KB - Virtual size: 36KB