9f5ea4449daaa67e8af9a9a7fbdfd53646e20c75d2e2f69fcd8ca6387414d414

Sharing

Copy URL

Twitter E-mail

General

Target

9f5ea4449daaa67e8af9a9a7fbdfd53646e20c75d2e2f69fcd8ca6387414d414
Size

335KB
MD5

0ce4b9edc66c5949045149eebc281fd9
SHA1

dff48bd39b57a579d2290a27a2ec91add7b61c6e
SHA256

9f5ea4449daaa67e8af9a9a7fbdfd53646e20c75d2e2f69fcd8ca6387414d414
SHA512

eaebccf3869eff1834a4b5ca7a7f57f1718e2154624cc9bcfef6e9cae6abfdee33216b192a1cd29c55cae6b57833deae55e24d445e85e28d657e5c3a0f175d3d
SSDEEP

6144:9G1Hh26baQcVXRhM1O0x/lZklPWY9y8pBNdwWmAG72IQnSwfPGTzE5zX////////:9WoFLnhM1NHA+OlGAGanHPEzo

Score

N/A

Malware Config

Signatures

Files

9f5ea4449daaa67e8af9a9a7fbdfd53646e20c75d2e2f69fcd8ca6387414d414
.exe windows x86

a596a553ed2efc64345b030f6d12df83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

OpenBackupEventLogA
OpenBackupEventLogW
RegOverridePredefKey
RegConnectRegistryA
RegRestoreKeyA
AdjustTokenGroups
RegSetValueExA
RegQueryInfoKeyA
RegReplaceKeyA

shlwapi

PathSearchAndQualifyA
PathIsUNCW
StrCSpnIW
PathRemoveExtensionA
PathAppendW
SHRegDeleteEmptyUSKeyW
PathStripPathA
PathCompactPathW
PathAddExtensionA
PathGetArgsW
PathParseIconLocationW
StrTrimA
PathRemoveBlanksA
PathUnmakeSystemFolderW
StrStrIA

kernel32

GetModuleHandleA
FreeEnvironmentStringsA
GetProcAddress
WriteProfileStringA
GetCurrencyFormatA
LocalAlloc
WaitForMultipleObjects
HeapFree
GetProcessHeap
GlobalFree
ReleaseSemaphore
GetStringTypeW
GetCPInfoExA
CreateSemaphoreA
GetUserDefaultLangID
VerLanguageNameA
VirtualAllocEx
LocalLock
GetStartupInfoA

version

VerFindFileA
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
VerInstallFileA

netapi32

NetGroupSetInfo
NetGroupGetInfo
NetConfigGetAll
NetErrorLogClear
NetGetAnyDCName
NetConnectionEnum
NetGroupAdd
NetErrorLogWrite
NetConfigGet
NetAuditRead
NetFileEnum
NetGetDCName
NetAuditWrite
Netbios

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 311KB - Virtual size: 415KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a596a553ed2efc64345b030f6d12df83

Headers

File Characteristics

Imports

advapi32

shlwapi

kernel32

version

netapi32

msvcrt

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 311KB - Virtual size: 415KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 311KB - Virtual size: 415KB

.rsrc
Size: 6KB - Virtual size: 5KB