73be1d11afc19ffa6e60aa9ab132252d9c4888a008e0ca27506173569fdfeceb

Sharing

Copy URL Twitter E-mail

General

Target

73be1d11afc19ffa6e60aa9ab132252d9c4888a008e0ca27506173569fdfeceb
Size

4.0MB
MD5

26c6b26aa5ce55d213cf96644d8b8331
SHA1

2ab5230583563945fc397496a2cd7bb74abd13cc
SHA256

73be1d11afc19ffa6e60aa9ab132252d9c4888a008e0ca27506173569fdfeceb
SHA512

b4ba8ba2109a64677c7a0e14a2e2470a3444ba89fdc0cc076dd747eb51b793b84183fada10527166ff847c7cb784bd23c952e5444b45b638ca9307d92dcc96fb
SSDEEP

98304:94rdWPDd0gvRBLbwjGwCG+7uj4d9Q7aOuxojbqq:6oP50cRBHLw0uEO7avxoiq

Score

N/A

Malware Config

Signatures

Files

73be1d11afc19ffa6e60aa9ab132252d9c4888a008e0ca27506173569fdfeceb
.exe windows x86

a15aae601c10bc7090e63fb3edd97d37

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindExtensionA
PathAppendA
StrDupA

wintrust

WinVerifyTrust

kernel32

CreateFileA
GetFileSize
FindFirstFileW
SetFilePointer
lstrlenA
WritePrivateProfileStructA
GetLocaleInfoA
VirtualQuery
FreeLibrary
InterlockedIncrement
MoveFileExW
InterlockedDecrement
CreateDirectoryW
WaitForSingleObject
InterlockedCompareExchange
GetWindowsDirectoryA
WriteFile
InitializeCriticalSection
WideCharToMultiByte
Sleep
GetVersionExW
GetFileAttributesA
GetFileAttributesW
ReadFile
GetACP
MultiByteToWideChar
FindFirstFileA
GetLastError
GetCurrentDirectoryW
GetThreadLocale
GetProcAddress
FindClose
GetPrivateProfileStringA
GetLocalTime
LoadLibraryA
RemoveDirectoryW
GetModuleFileNameA
CreateMutexA
FindNextFileW
DeleteCriticalSection
GetShortPathNameW
GetCurrentThreadId
OutputDebugStringA
ReleaseMutex
GetVersionExA
CloseHandle
DeleteFileW
GetCurrentProcessId
SetFileAttributesW
FindResourceA
lstrcmpA
lstrcpynA
LoadResource
GetTickCount
SizeofResource
LeaveCriticalSection
GetSystemDirectoryA
CreateDirectoryA
GetLongPathNameA
EnterCriticalSection
LockResource
GetTempPathA
LocalFree
lstrcpyA
IsBadReadPtr
SystemTimeToFileTime
lstrlenW
GetShortPathNameA
GetModuleHandleA
WriteConsoleW
FlushFileBuffers
GetPrivateProfileStructA
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
GetConsoleMode
LocalAlloc
InterlockedExchange
RaiseException
HeapFree
HeapAlloc
VirtualProtect
VirtualAlloc
GetModuleHandleW
GetSystemInfo
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
RtlUnwind
LCMapStringA
LCMapStringW
GetCPInfo
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapCreate
VirtualFree
HeapReAlloc
ExitProcess
GetStdHandle
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
GetConsoleCP

oleaut32

SysAllocString
SysAllocStringLen
SysFreeString

Sections

.text
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a15aae601c10bc7090e63fb3edd97d37

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

wintrust

kernel32

oleaut32

Sections

.text Size: 123KB - Virtual size: 122KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 3.8MB - Virtual size: 3.8MB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 123KB - Virtual size: 122KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 3.8MB - Virtual size: 3.8MB

.reloc
Size: 14KB - Virtual size: 13KB