586a415463a8f77ea664120dae613fb8b16420f4c662b25f7fe7007cd5049ccf

Sharing

Copy URL Twitter E-mail

General

Target

586a415463a8f77ea664120dae613fb8b16420f4c662b25f7fe7007cd5049ccf
Size

207KB
MD5

402ecc25c951ba1a2fb70c23bd96bfe0
SHA1

89bfb56c772cf3b2d5efccdc2e0a25bc552d1526
SHA256

586a415463a8f77ea664120dae613fb8b16420f4c662b25f7fe7007cd5049ccf
SHA512

d2a177d22ace030844732e44529ac9eb1854299762ef8d974228550bab3a5e1082d736e3a7077e17a517f8ac8168ee88c3ef8b41d3b00bef7caf0a0c4ab4b4de
SSDEEP

3072:5fCegH6L5lRCvVLG7KaqrmpEGn+e2DYA+e1/jOWWe3NqgVurQN8L9LYrVvaUh3BA:5qlHykvVLAKRrYn+JV1/irm8Zkrth3BA

Score

N/A

Malware Config

Signatures

Files

586a415463a8f77ea664120dae613fb8b16420f4c662b25f7fe7007cd5049ccf
.exe windows x86

af61b63e8a1da7aadfb37791ff523650

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
OpenProcess
GetCurrentProcess
CreateProcessW
GetFileAttributesW
DeviceIoControl
CreateFileW
GetCurrentProcessId
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
FindClose
GetLastError
FindFirstFileW
GetWindowsDirectoryW
LoadLibraryW
GetModuleHandleW
InitializeCriticalSection
DeleteCriticalSection
Sleep
GetVersionExW
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
GetModuleFileNameW
GetLongPathNameW
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
ExpandEnvironmentStringsW
CreateFileA
SystemTimeToFileTime
GetSystemTimeAsFileTime
LocalFileTimeToFileTime
SetFilePointerEx
WriteFile
ReadFile
GetFileSizeEx
OutputDebugStringW
FormatMessageW
MultiByteToWideChar
SetLastError
GetCurrentThreadId
LocalFree
GetSystemTime
GetEnvironmentVariableW
CreateMutexW
TlsGetValue
HeapAlloc
SetEnvironmentVariableW
HeapFree
WaitForSingleObject
GetProcessHeap
TlsSetValue
OpenThread
ReleaseMutex
TlsAlloc
TlsFree
GetStartupInfoW
RtlUnwind
HeapReAlloc
SetUnhandledExceptionFilter
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
InterlockedIncrement
InterlockedDecrement
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
VirtualAlloc
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RaiseException
LCMapStringA
WideCharToMultiByte
CloseHandle

user32

DdeDisconnect
DdeClientTransaction
WaitForInputIdle
DdeInitializeW
DdeGetLastError
DdeUninitialize
DdeCreateStringHandleW
DdeConnect
DdeFreeStringHandle

advapi32

RegEnumKeyExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegQueryValueExA

ole32

CoCreateInstance
CoInitialize

shell32

ShellExecuteExW

shlwapi

PathRemoveFileSpecW
StrStrIW

psapi

GetModuleFileNameExW

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 87KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

af61b63e8a1da7aadfb37791ff523650

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

shell32

shlwapi

psapi

Sections

.text Size: 86KB - Virtual size: 86KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 8KB - Virtual size: 17KB

.rsrc Size: 87KB - Virtual size: 88KB

.text
Size: 86KB - Virtual size: 86KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 17KB

.rsrc
Size: 87KB - Virtual size: 88KB