2dd4fb97e6c928ceee0a01455d1e54e2dfad4bb45389b5039a1ebdfb21893473

Sharing

Copy URL Twitter E-mail

General

Target

2dd4fb97e6c928ceee0a01455d1e54e2dfad4bb45389b5039a1ebdfb21893473
Size

328KB
MD5

00c53307e0c8de542451831ec202a45e
SHA1

2ffb364672cf56c2b7a2768826bc6e6ea4f28c18
SHA256

2dd4fb97e6c928ceee0a01455d1e54e2dfad4bb45389b5039a1ebdfb21893473
SHA512

faff0ab4a1f59a1791ebb854726d3422fa63e43e5278744db5fa794b3cb59be3de1786eb7938eb80dab5dec9689d9a26b4185fd1c8371fa5418e4b770b30edfb
SSDEEP

6144:cbcmd+H1Px6F4YXC0NbdjMSkwb2if1L5kz91xSxCFYd:cgmdg1PxHWbdjMNwbn9y6sY

Score

N/A

Malware Config

Signatures

Files

2dd4fb97e6c928ceee0a01455d1e54e2dfad4bb45389b5039a1ebdfb21893473
.exe windows x86

5437060f43830247e3fcbf18a5576bd9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
MoveFileW
CreateFileW
GetProcAddress
FindClose
LocalAlloc
SetFileAttributesW
FindNextFileW
GetFileSize
CloseHandle
FindFirstFileW
LocalFree
GetModuleHandleW
lstrlenW
DeleteFileW
GetWindowsDirectoryW
GetModuleFileNameW
lstrcatW
lstrcmpiW
lstrcpynW
ReadFile
CreateFileA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
HeapSize
VirtualAlloc
HeapReAlloc
RtlUnwind
LoadLibraryA
InitializeCriticalSection
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
FlushFileBuffers

advapi32

GetUserNameW
RegCloseKey
LookupAccountNameW
RegOpenKeyW
RegQueryValueExW
RegEnumKeyW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

shlwapi

StrStrIW

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

h:E
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5437060f43830247e3fcbf18a5576bd9

Headers

File Characteristics

Imports

kernel32

advapi32

version

shlwapi

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 1KB

h:E Size: 244KB - Virtual size: 244KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 1KB

h:E
Size: 244KB - Virtual size: 244KB