4a65a1bf66a5ecabe91b0e7291ec2aac7b1c9eeda8cd2f6e14e0bc485279a6bb

Sharing

Copy URL Twitter E-mail

General

Target

4a65a1bf66a5ecabe91b0e7291ec2aac7b1c9eeda8cd2f6e14e0bc485279a6bb
Size

172KB
MD5

edca6e99daa2beb28fff4bbe8ac15478
SHA1

ccad232216835336962f8866d91a4fe365bb6db6
SHA256

4a65a1bf66a5ecabe91b0e7291ec2aac7b1c9eeda8cd2f6e14e0bc485279a6bb
SHA512

cc3e29b4561bcdbb1bc05574f801313426267086c4411b3ad8e54fd0aaa946254db55ba54598a23bcda3333182420e79540002ac467f425ce4121107a2e5ef28
SSDEEP

3072:9tQ7ILK8ysS7VXKVnAPbEhP3wU91BknsYoZpfL5k5loe61Mw:LQOPyx7x/EhPysZ5261M

Score

N/A

Malware Config

Signatures

Files

4a65a1bf66a5ecabe91b0e7291ec2aac7b1c9eeda8cd2f6e14e0bc485279a6bb
.exe windows x86

233fcfb000cac4448015bb44bc99d296

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
lstrlenW
lstrcpyW
lstrcmpiW
lstrcmpiA
lstrcmpA
lstrcatW
WriteProcessMemory
WaitForSingleObject
WaitForMultipleObjects
VirtualQueryEx
VirtualQuery
VirtualProtectEx
VirtualProtect
UnmapViewOfFile
TerminateThread
TerminateProcess
Sleep
SetThreadPriority
SetLastError
SetEvent
ResumeThread
ReleaseSemaphore
ReleaseMutex
ReadProcessMemory
ReadFile
OpenProcess
OpenMutexW
OpenMutexA
OpenFileMappingW
OpenFileMappingA
OpenEventW
OpenEventA
MapViewOfFile
LoadLibraryExA
LoadLibraryW
LoadLibraryA
IsBadWritePtr
IsBadReadPtr
GetVersionExW
GetVersionExA
GetTickCount
GetThreadContext
GetTempPathW
GetSystemDirectoryW
WriteFile
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLastError
GetFileSize
GetFileAttributesW
GetFileAttributesA
GetExitCodeThread
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetCurrentDirectoryA
InterlockedExchange
FormatMessageA
DuplicateHandle
DeleteFileW
CreateThread
CreateSemaphoreA
CreateProcessW
CreateProcessA
CreatePipe
CreateMutexW
CreateMutexA
CreateFileMappingW
CreateFileMappingA
CreateFileW
CreateFileA
CreateEventW
CreateEventA
CloseHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
HeapFree
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
HeapReAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
ExitProcess
FreeLibrary
GetCommandLineA
GetLocaleInfoA
GetStartupInfoA
GetThreadLocale
WideCharToMultiByte
GetCurrentThreadId
GetVersion
LocalAlloc
LocalFree
VirtualAlloc
VirtualFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
lstrcpyA
lstrlenA
GetSystemDirectoryA
MultiByteToWideChar

user32

GetThreadDesktop
GetUserObjectInformationA
MsgWaitForMultipleObjects
GetSystemMetrics
PeekMessageA
TranslateMessage
MessageBoxA
GetKeyboardType
DispatchMessageA
CloseDesktop
OpenInputDesktop

advapi32

RegCreateKeyExA
RegEnumKeyA
RegOpenKeyExW
RegSetValueExA
RegSetValueExW
SetSecurityDescriptorDacl
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
IsValidSid
InitializeSecurityDescriptor
GetTokenInformation
GetLengthSid
FreeSid
EqualSid
AllocateAndInitializeSid
AdjustTokenPrivileges
GetKernelObjectSecurity
RegDeleteKeyA

oleaut32

SysReAllocStringLen
SysFreeString
SysAllocStringLen

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CODE
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

233fcfb000cac4448015bb44bc99d296

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

Sections

.text Size: 16KB - Virtual size: 14KB

CODE Size: 116KB - Virtual size: 114KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 11KB

DATA Size: 8KB - Virtual size: 4KB

BSS Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 936B

.text
Size: 16KB - Virtual size: 14KB

CODE
Size: 116KB - Virtual size: 114KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 11KB

DATA
Size: 8KB - Virtual size: 4KB

BSS
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 936B