5a1c34885f214d86d3670999b8e04276df7f3e75fb89101acc1ca0e9e2b5c07c

Sharing

Copy URL Twitter E-mail

General

Target

5a1c34885f214d86d3670999b8e04276df7f3e75fb89101acc1ca0e9e2b5c07c
Size

1.3MB
MD5

21a0e6f7013dd6193d0af55bd71b40c0
SHA1

354c974d6c1586cf59f7ef94caba37c0ad3b0f62
SHA256

5a1c34885f214d86d3670999b8e04276df7f3e75fb89101acc1ca0e9e2b5c07c
SHA512

dde4860593f344e9db6fb02935035e264c12ec6d5435bedd129e7372f62f90f96dca6d8cf4fd76c858235167b9cea5ece5e3dd66119f81c6f2a7acbad02db0ad
SSDEEP

24576:BxKaC7hCPLYeZCoql16Yig/7u6b8XDhrx4Tq+WpSP5KT5D0ULP:nnPdZCoVAoThSTVWpSP5KT5D7LP

Score

N/A

Malware Config

Signatures

Files

5a1c34885f214d86d3670999b8e04276df7f3e75fb89101acc1ca0e9e2b5c07c
.exe windows x86

495433c9b3167d488f597a71a6b7a26b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW

wininet

InternetCloseHandle
HttpOpenRequestW
HttpSendRequestW

kernel32

SetFilePointer
FindClose
CloseHandle
GetTickCount
LoadLibraryW
GetModuleFileNameW
GetModuleHandleW
FindResourceW
FindResourceExW
GetTempPathW
CreateDirectoryW
CreateFileW
GetFileAttributesW
FindFirstFileW
MultiByteToWideChar
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
LoadLibraryA
FreeLibrary
OpenProcess
GetCurrentProcess
TerminateProcess
WaitForSingleObject
LockFile
UnlockFile
LockFileEx
GetSystemTime
GetSystemTimeAsFileTime
TlsAlloc
TlsGetValue
TlsSetValue
GetTempPathA
GetFullPathNameA
GetFullPathNameW
CreateFileA
SetEndOfFile
DeleteFileA
DeleteFileW
AreFileApisANSI
GetVersionExW
GetVersion
LocalFree
SetLastError
FileTimeToSystemTime
DosDateTimeToFileTime
GetFileTime
SetFileTime
RaiseException
InitializeCriticalSectionAndSpinCount
DecodePointer
GetCurrentThreadId
GetModuleHandleA
GetFileType
GetStdHandle
QueryPerformanceCounter
GetCurrentProcessId
GlobalMemoryStatus
GetVersionExA
FlushConsoleInputBuffer
GetOEMCP
GetACP
IsValidCodePage
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
FlushFileBuffers
ReadFile
WriteFile
GetFileSizeEx
GetFileSize
SizeofResource
LoadResource
Sleep
GetLastError
HeapSize
GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetProcAddress
LockResource
WriteConsoleW
SetEnvironmentVariableA
GetConsoleCP
SetFilePointerEx
GetTimeZoneInformation
GetFileAttributesA
SetStdHandle
ReadConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStartupInfoW
TlsFree
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
OutputDebugStringW
GetStringTypeW
EncodePointer
RtlUnwind
GetCPInfo
IsProcessorFeaturePresent
ExitProcess
GetModuleHandleExW
GetCommandLineW
SetConsoleCtrlHandler
GetConsoleMode
ReadConsoleInputA
SetConsoleMode
LoadLibraryExW

user32

GetUserObjectInformationW
GetWindowThreadProcessId
EnumWindows
PostMessageW
GetDesktopWindow
MessageBoxA
GetProcessWindowStation

advapi32

ReportEventA
DeregisterEventSource
LookupPrivilegeValueW
AdjustTokenPrivileges
RegSetValueExW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegisterEventSourceA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

Sections

.text
Size: 884KB - Virtual size: 883KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 259KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

495433c9b3167d488f597a71a6b7a26b

Headers

DLL Characteristics

File Characteristics

Imports

version

wininet

kernel32

user32

advapi32

ole32

Sections

.text Size: 884KB - Virtual size: 883KB

.rdata Size: 259KB - Virtual size: 258KB

.data Size: 26KB - Virtual size: 43KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 25KB - Virtual size: 25KB

.rmnet Size: 54KB - Virtual size: 56KB

.rmnet Size: 54KB - Virtual size: 56KB

.text
Size: 884KB - Virtual size: 883KB

.rdata
Size: 259KB - Virtual size: 258KB

.data
Size: 26KB - Virtual size: 43KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 25KB - Virtual size: 25KB

.rmnet
Size: 54KB - Virtual size: 56KB

.rmnet
Size: 54KB - Virtual size: 56KB