26f8ac295a2947028e47839e346ccf0926dcd28b7f500009f385a18c6ebf8749

Sharing

Copy URL

Twitter E-mail

General

Target

26f8ac295a2947028e47839e346ccf0926dcd28b7f500009f385a18c6ebf8749
Size

182KB
MD5

366d1773468b870f7c6107efb0e9aa70
SHA1

4a8ad564be4460824e5e6048246213d40161c394
SHA256

26f8ac295a2947028e47839e346ccf0926dcd28b7f500009f385a18c6ebf8749
SHA512

1a142a296d267ff2931ffe1709a9bc9890ced9ce105e22eb8650e154ecd32fb45294d871667c1e27a2d5813ef853fb9f606225431c59196b8b75a798fe9d4f1f
SSDEEP

3072:g96kfLhHSdldQEcRIPOBU4OkvDxutbY1ufFCqZ9rcbCE0M4HJ29Yv:g96kfLVSl3cKJ4OkbcbkwCqZ9rfM4Hz

Score

N/A

Malware Config

Signatures

Files

26f8ac295a2947028e47839e346ccf0926dcd28b7f500009f385a18c6ebf8749
.exe windows x86

aed1befd5487f60b937a174925f1c789

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
LocalFileTimeToFileTime
FindFirstFileA
lstrcatA
CreateFileA
GetTickCount
ReadFile
SetFilePointer
SizeofResource
LockResource
LoadResource
FindResourceA
WaitForSingleObject
CopyFileA
WinExec
lstrcpyA
WritePrivateProfileStringA
GetTempPathA
CreateDirectoryA
GetFileAttributesA
SetUnhandledExceptionFilter
GetWindowsDirectoryA
ReleaseMutex
CreateMutexA
GetCommandLineA
Sleep
GetStartupInfoA
lstrlenA
MoveFileA
DeleteFileA
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
CreateToolhelp32Snapshot
Process32First
lstrcmpiA
Process32Next
GetProcAddress
CloseHandle
FreeLibrary
GetModuleHandleA
HeapAlloc
GetProcessHeap
GetLastError
LoadLibraryA
HeapFree

user32

UpdateWindow
CreateWindowExA
TranslateMessage
DispatchMessageA
DefWindowProcA
RegisterClassExA
PostThreadMessageA
ShowWindow
LoadIconA
BlockInput
GetMessageA
wsprintfA
GetInputState

msvcrt

fopen
rand
srand
time
strchr
strstr
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
fclose
??3@YAXPAX@Z
??2@YAPAXI@Z
malloc
_except_handler3
_stricmp
fwrite

advapi32

GetAce
EqualSid
AddAccessAllowedAce
SetSecurityDescriptorDacl
GetSecurityDescriptorControl
SetFileSecurityA
InitializeAcl
GetLengthSid
GetAclInformation
GetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetFileSecurityA
LookupAccountNameA
GetUserNameA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
AddAce

shell32

SHGetSpecialFolderPathA
ShellExecuteA

netapi32

NetApiBufferFree
NetUserGetLocalGroups

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aed1befd5487f60b937a174925f1c789

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

shell32

netapi32

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 912B

.rsrc Size: 169KB - Virtual size: 169KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 912B

.rsrc
Size: 169KB - Virtual size: 169KB