237c5881b8ef6089a45f9bdd75a6a1e5aae977ac3e713c6676a508cdca5d591f

Sharing

Copy URL

Twitter E-mail

General

Target

237c5881b8ef6089a45f9bdd75a6a1e5aae977ac3e713c6676a508cdca5d591f
Size

96KB
MD5

92beaf950cb1bded13ba36b770ef7f91
SHA1

4e741a8789569f7b6fc9ff1cce603bb9c797fc22
SHA256

237c5881b8ef6089a45f9bdd75a6a1e5aae977ac3e713c6676a508cdca5d591f
SHA512

9e7da62b22c66dd2e51bab93a6dbe0c0576b4cb276ef5fe849270349fcb9afbe7db2d83dff1798e9046e80c73ec6e9453e505dab7ee8ed829894e4d7925d6675
SSDEEP

1536:RFEdNmSNF1ZVNoh4I545MQ5MSe+dMHPNY5Z8TpyVf94nn2FC9:IdNJNSF+iSlMY5mTp4f902g

Score

N/A

Malware Config

Signatures

Files

237c5881b8ef6089a45f9bdd75a6a1e5aae977ac3e713c6676a508cdca5d591f
.exe windows x86

a26c65acecfc0991a1227ee0a69b27d4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

user32

wsprintfA

shlwapi

SHDeleteKeyA

ntdll

strstr
ZwLoadDriver
RtlInitUnicodeString
sprintf
memcpy
memset

kernel32

GetProcessHeap
HeapSize
CreateFileW
GetStringTypeW
LCMapStringW
HeapReAlloc
GetLastError
CloseHandle
MultiByteToWideChar
CreateFileA
Process32Next
Process32First
CreateToolhelp32Snapshot
lstrcmpiA
lstrlenA
WinExec
GetFileAttributesA
GetSystemDirectoryA
GetProcAddress
GetModuleHandleA
VirtualProtect
VirtualFree
VirtualAlloc
GlobalFree
WriteFile
SizeofResource
LockResource
LoadResource
FindResourceA
GetCurrentProcess
Sleep
OpenProcess
UnmapViewOfFile
FlushViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
SetEndOfFile
SetFilePointer
lstrcatA
GetWindowsDirectoryA
WaitForSingleObject
CreateProcessA
GetModuleFileNameA
CopyFileA
ExitProcess
DeleteFileA
CreateDirectoryA
HeapFree
GetSystemTimeAsFileTime
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
EnterCriticalSection
LeaveCriticalSection
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
HeapCreate
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
ReadFile
GetModuleHandleW
GetStdHandle
GetModuleFileNameW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
RtlUnwind
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetStdHandle
FlushFileBuffers
WriteConsoleW
LoadLibraryW

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a26c65acecfc0991a1227ee0a69b27d4

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

shlwapi

ntdll

kernel32

Sections

.text Size: 42KB - Virtual size: 42KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 28KB - Virtual size: 28KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 28KB - Virtual size: 28KB

.reloc
Size: 4KB - Virtual size: 3KB