1b8ee260e7fe7102034b441e737b3f40ffbaf74d9f186ff50d801b63e5f6920a

Sharing

Copy URL

Twitter E-mail

General

Target

1b8ee260e7fe7102034b441e737b3f40ffbaf74d9f186ff50d801b63e5f6920a
Size

659KB
MD5

3b1cdfd72d3b71bd450d848bd9aeea30
SHA1

14fb6b8b09cb3cd670b8c2c1d551a7d1049b3cff
SHA256

1b8ee260e7fe7102034b441e737b3f40ffbaf74d9f186ff50d801b63e5f6920a
SHA512

175836a7eede7f5993a0bb65f7320384f44be7148d69040874ddd915aa3577293e4b8d54bca38b3acada0b99bb3ba03a43af9213c03e629de700aa86088b3276
SSDEEP

12288:GUK1/jBwRzhotbf+rGUXfhM2eo9SZm5qljzJsvapSMcnJ:GnBKq7Ne9SZmq3ga/

Score

N/A

Malware Config

Signatures

Files

1b8ee260e7fe7102034b441e737b3f40ffbaf74d9f186ff50d801b63e5f6920a
.exe windows x86

00e538f9a16d968a1d35d6d41af1971f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AllocateAndInitializeSid
FreeSid
CheckTokenMembership
RegQueryValueExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegCloseKey
RegSetValueExW

kernel32

FormatMessageW
GetLastError
LocalAlloc
LocalFree
GetTempPathW
FreeLibrary
LoadLibraryW
GetProcAddress
CreateFileA
ReadFile
GetProcessHeap
GetLocalTime
SetUnhandledExceptionFilter
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
RaiseException
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CloseHandle
HeapSize
LoadLibraryA
InitializeCriticalSectionAndSpinCount
VirtualAlloc
HeapReAlloc
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
CreateFileW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
SetEndOfFile

shlwapi

SHDeleteKeyW
PathFileExistsW

user32

MessageBoxW

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 564KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

00e538f9a16d968a1d35d6d41af1971f

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

shlwapi

user32

Sections

.text Size: 88KB - Virtual size: 88KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 564KB - Virtual size: 2.3MB

.text
Size: 88KB - Virtual size: 88KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 564KB - Virtual size: 2.3MB