5df4801695888d9f45d8b7fa662507eb5cfff14527565114c10e430321ff3e84

Sharing

Copy URL

Twitter E-mail

General

Target

5df4801695888d9f45d8b7fa662507eb5cfff14527565114c10e430321ff3e84
Size

180KB
MD5

3b079bc13ea903c66f6a78a257c4ddf0
SHA1

4ad628d6f213e209d5f835cc6a03aae8e8ae7add
SHA256

5df4801695888d9f45d8b7fa662507eb5cfff14527565114c10e430321ff3e84
SHA512

5b558b5211c9393c911936a1280840c06daacf0481eee117ea013a2d5c757008057406f459c67b9d6264261b398262ad3b8dfd68e125d62bab316f6161d156b8
SSDEEP

3072:tYEZfre/ORYtUbtKV+ouqdQmrVxI84+Na00WCXx0dMqn26VJ9CJWW6Qc/:tZeWvbahWD+Na00WCB0e65Vv4

Score

N/A

Malware Config

Signatures

Files

5df4801695888d9f45d8b7fa662507eb5cfff14527565114c10e430321ff3e84
.exe windows x86

17ad067a6ea71d78ad5e25603c121f56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsW
LoadLibraryA
GetProcAddress
FreeLibrary
GetFileAttributesW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapAlloc
GetProcessHeap
HeapFree
MultiByteToWideChar
GetFileSizeEx
GlobalAlloc
ReadFile
FileTimeToSystemTime
CreateFileW
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
CloseHandle
CreateProcessW
GetModuleHandleW
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
HeapDestroy
HeapReAlloc
HeapSize
RaiseException
GetVersionExA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
Sleep
ExitProcess
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringA
WideCharToMultiByte
LCMapStringW
HeapCreate
VirtualFree
VirtualAlloc
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW

user32

GetSystemMetrics
UnregisterClassA

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegOpenKeyW

shell32

SHGetPathFromIDListW

ole32

CreateStreamOnHGlobal

shlwapi

PathFileExistsW
PathAddBackslashW
PathRemoveFileSpecW

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

17ad067a6ea71d78ad5e25603c121f56

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 76KB - Virtual size: 76KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 76KB - Virtual size: 76KB