467acdf0faf99a41ff110674219dc9eeaf88aa7469ad5a51372b37b5ce143e1c

Sharing

Copy URL Twitter E-mail

General

Target

467acdf0faf99a41ff110674219dc9eeaf88aa7469ad5a51372b37b5ce143e1c
Size

482KB
MD5

404370f94686fc636175291c1fe3d327
SHA1

de246bc02dbe555755b11216f03c113eed356043
SHA256

467acdf0faf99a41ff110674219dc9eeaf88aa7469ad5a51372b37b5ce143e1c
SHA512

90a76fbb2f3cfc8a20fd41c0764365097314387a86b90df01f96afa30d387b3548c8d984d28ab8d7f00959fd36dda6f591deb36749f0d33b0fc237159a820a81
SSDEEP

6144:7rj2MSl0NvP9lWQwgqONjZSwb7HbYOuq/XRWHR1:63WvP9lNkwvbGq/XRg

Score

N/A

Malware Config

Signatures

Files

467acdf0faf99a41ff110674219dc9eeaf88aa7469ad5a51372b37b5ce143e1c
.exe windows x86

95fb4a3c838f195bb1bb828b220be0a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
DuplicateHandle
GetCurrentProcessId
DeleteFileA
GetSystemDirectoryA
GetConsoleScreenBufferInfo
GetStdHandle
WaitForSingleObject
CreateProcessA
GetCommandLineA
ExpandEnvironmentStringsA
GetFileAttributesA
OpenProcess
GetModuleHandleA
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetDriveTypeA
DeviceIoControl
FormatMessageA
LocalAlloc
LoadLibraryA
GetModuleFileNameA
LocalFree
GetStringTypeA
GetProcAddress
SetLastError
CreateFileA
FindResourceA
LoadResource
SizeofResource
LockResource
GetCurrentProcess
GetLastError
GetVersion
CloseHandle
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
WriteFile
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
ReadFile
FlushFileBuffers
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
SetStdHandle
SetFilePointer

user32

GetSysColorBrush
LoadCursorA
SetCursor
InflateRect
GetDlgItem
SendMessageA
EndDialog
SetWindowTextA
DialogBoxIndirectParamA

gdi32

SetMapMode
StartDocA
StartPage
EndPage
EndDoc
GetDeviceCaps

comdlg32

PrintDlgA

advapi32

LookupAccountSidA
RegQueryValueExA
RegCreateKeyA
RegSetValueExA
RegCloseKey
RegDeleteKeyA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetTokenInformation

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 116KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 316KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

95fb4a3c838f195bb1bb828b220be0a0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 116KB - Virtual size: 143KB

.rsrc Size: 316KB - Virtual size: 316KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 116KB - Virtual size: 143KB

.rsrc
Size: 316KB - Virtual size: 316KB