637cef08ce490a54e06b8f6b2fa45f0643c89c64498321a4f428da204a869a6d

Sharing

Copy URL Twitter E-mail

General

Target

637cef08ce490a54e06b8f6b2fa45f0643c89c64498321a4f428da204a869a6d
Size

107KB
MD5

0fac735516860d5df459d534515b82b6
SHA1

57dca77daa8367c833f2fc417c174ad3cae19c8c
SHA256

637cef08ce490a54e06b8f6b2fa45f0643c89c64498321a4f428da204a869a6d
SHA512

3cf106bb7676a74ae1f5f3e87845fe90f04ae00a77fc1ccb8094e615cf4ad9eeab404ff5d750dd4e740ad8f1de9bf118d6f2d0f4762906e6cd0a6dca86e74667
SSDEEP

1536:SO5f7x2RAzWZ2Poz7Dl+mp62kgIFuudbBmUhmWyKFmXQ2BVKjevZldS6PhD8I:DV7gRT7x62DmdbBm8mWncKavfgihDL

Score

N/A

Malware Config

Signatures

Files

637cef08ce490a54e06b8f6b2fa45f0643c89c64498321a4f428da204a869a6d
.exe windows x86

20aa9423a0da236d6533a206396aa929

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

OutputDebugStringA
CreateFileMappingA
GetACP
InterlockedExchange
GetLocaleInfoA
SetEnvironmentVariableA
lstrcatA
GetLastError
IsValidCodePage
WaitForMultipleObjects
FileTimeToLocalFileTime
CopyFileA
lstrcmpiW
GetStringTypeExA
lstrcpynA
IsBadWritePtr
GlobalFree
DeleteFileA
GetConsoleOutputCP
GetTempPathW
FormatMessageA
Sleep
GetTempPathA
GetModuleHandleA
GetUserDefaultLangID
GetThreadLocale
LoadResource
FreeEnvironmentStringsW
GetModuleHandleW
GetFileAttributesA
CreateProcessW
IsDebuggerPresent
GlobalLock
GetCommandLineW
GetCommandLineA
lstrlenW
GetVersionExW
GetCurrentProcess
VirtualFree
VirtualProtect
LCMapStringA
GetExitCodeProcess
GetSystemTimeAsFileTime
FileTimeToSystemTime
GetFileTime
GlobalAlloc
FreeEnvironmentStringsA
GlobalUnlock
ExitProcess
FlushFileBuffers

msvcrt

_adjust_fdiv
__getmainargs
_initterm
_except_handler3
__p__fmode
_controlfp
__p__commode
__p___initenv
__setusermatherr
_exit
__set_app_type
_XcptFilter

advapi32

RegDeleteValueA
OpenThreadToken
EqualSid
RegEnumKeyW
FreeSid
RegOpenKeyExW
CryptAcquireContextA
GetSecurityDescriptorDacl
CryptDestroyHash
RegQueryInfoKeyA
SetSecurityDescriptorDacl
AdjustTokenPrivileges
RegCreateKeyA
DeleteService
CryptCreateHash
RevertToSelf
IsValidSid
GetTokenInformation
OpenServiceW
RegCreateKeyExW
InitializeSecurityDescriptor
OpenServiceA
RegEnumValueA
RegEnumKeyA
RegDeleteKeyW
ControlService
RegOpenKeyW
RegEnumKeyExW
DeregisterEventSource
LookupPrivilegeValueA
CryptGenRandom
CloseServiceHandle
RegQueryValueA
SetSecurityDescriptorOwner
CopySid
CheckTokenMembership
OpenSCManagerA

user32

GetCapture
DeleteMenu
GetDCEx
EqualRect
GetClassNameA
GetSysColorBrush
DrawMenuBar
IsRectEmpty
GetDesktopWindow
IsZoomed
EnableMenuItem
GetSysColor
SendDlgItemMessageA
DrawIcon
GetMenuState
GetPropA
wsprintfA
AdjustWindowRectEx
CreateMenu
ReleaseCapture
DestroyIcon
MessageBoxA
OpenClipboard
LoadStringA
IsChild
SetForegroundWindow
CheckMenuItem
GetIconInfo
GetMenuItemCount
GetWindowTextA
GetWindowLongA
SetClipboardData
PtInRect
IsWindowVisible
GetKeyboardType
UpdateWindow
UnregisterClassA
SendMessageA
OemToCharA
GetWindowPlacement

Sections

.text
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20aa9423a0da236d6533a206396aa929

Headers

File Characteristics

Imports

kernel32

msvcrt

advapi32

user32

Sections

.text Size: 1024B - Virtual size: 828B

.rdata Size: 52KB - Virtual size: 52KB

.data Size: 19KB - Virtual size: 19KB

.rsrc Size: 33KB - Virtual size: 33KB

.text
Size: 1024B - Virtual size: 828B

.rdata
Size: 52KB - Virtual size: 52KB

.data
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 33KB - Virtual size: 33KB