383a530ffc2cb97c022e53892d4d4744e2fe34e28e0654fb61c244bf4094c183

Sharing

Copy URL Twitter E-mail

General

Target

383a530ffc2cb97c022e53892d4d4744e2fe34e28e0654fb61c244bf4094c183
Size

205KB
MD5

332a1564885b61e0dbe35bc43d842120
SHA1

6ee49cc6fe63ef9549baf5ee5b36d91f179c1613
SHA256

383a530ffc2cb97c022e53892d4d4744e2fe34e28e0654fb61c244bf4094c183
SHA512

791cee4b7bb25447517bcd1a8ed777d9deb23e5a6a0cdde3e133b980b18da61a534f45217d8308e6be8559ab8a4debe0fbe5d5991e91477fe07d8473599d9533
SSDEEP

3072:1RV+DwZqku0R8daiiLwGPTprwEDZOrehnWYHKtbWV+ms4Dh2D4WcQj60:tTqku0JEGrlw7qhRWWM/ih2D1j

Score

N/A

Malware Config

Signatures

Files

383a530ffc2cb97c022e53892d4d4744e2fe34e28e0654fb61c244bf4094c183
.exe windows x86

d1ca09c53ba130fe0672a1d94416b343

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SearchPathA
MapViewOfFile
CreateFileMappingA
Sleep
CreateThread
FreeLibrary
LoadLibraryA
DebugActiveProcess
LocalAlloc
GetCurrentProcess
GetComputerNameA
ReadProcessMemory
UnmapViewOfFile
OpenFileMappingA
UnlockFile
LockFile
GetFileSize
WriteProcessMemory
GetVersionExA
GetSystemInfo
GetCurrentProcessId
GetLocalTime
SetEvent
ContinueDebugEvent
WaitForDebugEvent
SetErrorMode
GetProcAddress
lstrcpynA
lstrcpyA
GetCommandLineA
HeapAlloc
HeapFree
HeapReAlloc
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetCurrentDirectoryA
OpenSemaphoreA
SetEnvironmentVariableA
SetCurrentDirectoryA
RtlUnwind
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
GetTimeZoneInformation
VirtualProtect
VirtualQuery
InterlockedExchange
LCMapStringA
LCMapStringW
GetLocaleInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
CompareStringA
CompareStringW
GetExitCodeProcess
HeapSize
SetStdHandle
FlushFileBuffers
CreateSemaphoreA
WaitForSingleObject
GetEnvironmentVariableA
CreateFileA
SetFilePointer
ReadFile
CloseHandle
ReleaseSemaphore
WriteFile
GetThreadContext
GetFileAttributesA
lstrcmpiA
GetVersion
WideCharToMultiByte
GetModuleFileNameA
DebugBreak
OutputDebugStringA
GetLastError
FormatMessageA
ExitProcess
GetModuleHandleA
GetStartupInfoA
CreateProcessA
OpenProcess
GetFullPathNameA
TerminateProcess

user32

GetFocus
GetKeyState
SetTimer
PostQuitMessage
DispatchMessageA
TranslateMessage
IsDialogMessageA
GetMessageA
ShowWindow
CreateDialogParamA
RegisterClassA
LoadCursorA
LoadStringA
GetActiveWindow
DefDlgProcA
GetWindowTextA
GetWindowThreadProcessId
EnumWindows
GetForegroundWindow
PeekMessageA
GetParent
MessageBeep
SendDlgItemMessageA
EnableWindow
GetSystemMenu
AppendMenuA
GetDC
ReleaseDC
DialogBoxParamA
EndDialog
SetWindowTextA
LoadIconA
GetDlgItem
MessageBoxA
EnumChildWindows
SetWindowLongA
GetWindowLongA
UpdateWindow
CallWindowProcA
SetFocus
SendMessageA
GetDlgItemTextA
DefWindowProcA
wsprintfA
WinHelpA
SetForegroundWindow
SetDlgItemTextA
GetDlgCtrlID

gdi32

GetStockObject
SelectObject
GetTextExtentPointA
GetTextMetricsA

advapi32

RegisterEventSourceA
GetUserNameA
OpenProcessToken
LookupPrivilegeValueA
CloseEventLog
ClearEventLogA
OpenEventLogA
ReadEventLogA
DeregisterEventSource
ReportEventA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
AdjustTokenPrivileges

comdlg32

GetSaveFileNameA
GetOpenFileNameA

imagehlp

UnDecorateSymbolName
StackWalk
FindDebugInfoFile

winmm

PlaySoundA
waveOutGetNumDevs

shell32

ShellAboutA

Sections

.text
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d1ca09c53ba130fe0672a1d94416b343

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comdlg32

imagehlp

winmm

shell32

Sections

.text Size: 80KB - Virtual size: 77KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 16KB - Virtual size: 25KB

.rsrc Size: 88KB - Virtual size: 88KB

.text
Size: 80KB - Virtual size: 77KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 16KB - Virtual size: 25KB

.rsrc
Size: 88KB - Virtual size: 88KB