130ac6f21aee438543e66723df1b989ee892d45ef39a92792fed1f75f5fe508e

Sharing

Copy URL Twitter E-mail

General

Target

130ac6f21aee438543e66723df1b989ee892d45ef39a92792fed1f75f5fe508e
Size

33KB
MD5

0d670dffb324e71c1ab0e8c379485d21
SHA1

98b8231a39f140e2622725b1ac9823b689526dfa
SHA256

130ac6f21aee438543e66723df1b989ee892d45ef39a92792fed1f75f5fe508e
SHA512

4dbe2ff6feb0c454f324cdcd5e00127d8418f7b73d736e92f16a4713cb418156f14442019a5737d6f3949c8048fa520c7b2439c399747ba2bf367644f28836d2
SSDEEP

384:nDL5rYRq9EWisw0zE6j0H6/mlwIOCvCIBDjt6SDxglXsWYVm2Lom3MMo/hLSBm2c:nDL5ryzpD6j0ael9SQDp6SDq8WOm2j

Score

N/A

Malware Config

Signatures

Files

130ac6f21aee438543e66723df1b989ee892d45ef39a92792fed1f75f5fe508e
.exe windows x86

3514013f1d254992b68ec2ed268d651e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
Process32First
CreateToolhelp32Snapshot
LeaveCriticalSection
EnterCriticalSection
GetComputerNameA
SetEvent
Sleep
WaitForSingleObject
CreateProcessA
VirtualAlloc
MultiByteToWideChar
lstrlenW
GetLastError
SetLastError
DeleteFileW
CopyFileW
CreateDirectoryW
CreateEventA
VirtualFreeEx
WriteProcessMemory
VirtualAllocEx
IsBadReadPtr
ExitProcess
CreateRemoteThread
DuplicateHandle
CreateProcessW
lstrlenA
CreateThread
MapViewOfFile
CreateFileMappingA
InitializeCriticalSection
VirtualQuery
lstrcpyW
GetModuleFileNameW
lstrcatW
GetProcessHeap
TerminateProcess
OpenProcess
GetCurrentProcessId
CreateMutexA
GetCommandLineA
ReadProcessMemory
VirtualQueryEx
WriteFile
CreateFileA
lstrcmpA
VirtualFree
WideCharToMultiByte
lstrcmpiA
CreateFileW
TerminateThread
ResumeThread
SuspendThread
HeapFree
lstrcatA
Process32Next
GetModuleHandleA
GetSystemInfo
GetVersionExA
LoadLibraryA
GetProcAddress
GetCurrentProcess
CloseHandle
lstrcpyA
GetProcessVersion
GetTickCount

user32

CreateWindowExA
GetMessageA
TranslateMessage
RegisterClassExA
GetAsyncKeyState
wsprintfW
DefWindowProcA
GetSystemMetrics
DispatchMessageA
wsprintfA

advapi32

LookupPrivilegeValueA
OpenProcessToken
GetUserNameA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegSetValueExW
RegOpenKeyExA
RegSetValueExA
RegNotifyChangeKeyValue
RegDeleteKeyA
AdjustTokenPrivileges

shell32

SHGetFolderPathW

ole32

CoCreateGuid

shlwapi

StrStrA
StrCmpNIA

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetGetCookieA

rpcrt4

UuidToStringA

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3514013f1d254992b68ec2ed268d651e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

shlwapi

wininet

rpcrt4

Sections

.text Size: 21KB - Virtual size: 21KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 1KB