7c650280d0aa9828feb81f87c811fd5f8e53a84c611aab59902b762ed7d09d0f

Sharing

Copy URL

Twitter E-mail

General

Target

7c650280d0aa9828feb81f87c811fd5f8e53a84c611aab59902b762ed7d09d0f
Size

384KB
MD5

9d37c2d88562bf9520bbc8186c28dddd
SHA1

3cb57cbab6a3ca96cda1188d09a8f084c8ab3b78
SHA256

7c650280d0aa9828feb81f87c811fd5f8e53a84c611aab59902b762ed7d09d0f
SHA512

bee4f83b1b1e284065f1a7dd08309007cfeef05e3319d6cc0d22259d51be919bbf82a99b83171cbf9af62ce94c53236f20510d9baef551969718e62213fec98e
SSDEEP

6144:W6YkTLi7oZ83Rl/M01nQgDB3rd3GVhwRlMJjORq5vuaYm/DFDs:kkHi7oC3R+01n3DGaTsjG6DBs

Score

N/A

Malware Config

Signatures

Files

7c650280d0aa9828feb81f87c811fd5f8e53a84c611aab59902b762ed7d09d0f
.exe windows x86

5967dae4063f30cb2895e822c30ab850

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
GetCurrentThread
GetThreadPriority
SetEvent
GetSystemInfo
GetTempFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetDiskFreeSpaceA
GetFileAttributesA
GetCurrentProcess
lstrcpyA
GetModuleFileNameA
GetModuleHandleA
DeleteCriticalSection
FreeLibrary
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GlobalFree
GetSystemDirectoryA
lstrcmpA
GetLocalTime
WaitForSingleObject
GlobalAlloc
EnterCriticalSection
LeaveCriticalSection
lstrcpynA
DisableThreadLibraryCalls
CopyFileA
DeleteFileA
MoveFileA
OpenFile
ExpandEnvironmentStringsA
VerSetConditionMask
VerifyVersionInfoA
CompareStringA
lstrlenA
GetProcessHeap
HeapAlloc
lstrcatA
HeapFree
GetUserDefaultLCID
GetSystemDefaultLCID
InitializeCriticalSection
OutputDebugStringW
GetSystemTimes
OutputDebugStringA
GlobalMemoryStatus
DeviceIoControl
GetVersionExA
GetModuleHandleW
GetEnvironmentStringsW
GetStdHandle
GetConsoleScreenBufferInfo
LocalFree
CreateFileA
GetLastError
WriteFile
CreateThread
CloseHandle

user32

wsprintfA
FindWindowA
DestroyWindow
IsWindowUnicode
FindWindowW
wsprintfW
CharNextA

advapi32

FreeSid
RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
RegEnumValueA
RegOpenKeyA
RegSetValueExA
RegCreateKeyExA

ole32

CoTaskMemFree
CoTaskMemAlloc

msvcrt

toupper
wcscpy
wprintf
fflush
fopen
free
malloc
wcscmp
fwrite
ftell
fseek
exit
time
rewind
asctime
fscanf
remove
fprintf
fclose
setlocale
strlen
printf
wcslen

shlwapi

PathFindExtensionW
SHDeleteKeyA

rpcrt4

RpcStringFreeW
UuidToStringW
UuidCreate

Sections

.text
Size: 316KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xdata
Size: 4KB - Virtual size: 341B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BSS
Size: 4KB - Virtual size: 419B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.INIT
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5967dae4063f30cb2895e822c30ab850

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

shlwapi

rpcrt4

Sections

.text Size: 316KB - Virtual size: 312KB

.xdata Size: 4KB - Virtual size: 341B

.BSS Size: 4KB - Virtual size: 419B

.INIT Size: 4KB - Virtual size: 1KB

.data Size: 52KB - Virtual size: 49KB

.text
Size: 316KB - Virtual size: 312KB

.xdata
Size: 4KB - Virtual size: 341B

.BSS
Size: 4KB - Virtual size: 419B

.INIT
Size: 4KB - Virtual size: 1KB

.data
Size: 52KB - Virtual size: 49KB