61079c3fda687851fe7f6021c4fe252657a87d2d00af8901e068d179dea4b8c7

Sharing

Copy URL Twitter E-mail

General

Target

61079c3fda687851fe7f6021c4fe252657a87d2d00af8901e068d179dea4b8c7
Size

180KB
MD5

04db03f30bdd545125f85cbc5294ba38
SHA1

9556c70b31b2607e388fd98f210a089fd7778d79
SHA256

61079c3fda687851fe7f6021c4fe252657a87d2d00af8901e068d179dea4b8c7
SHA512

89dd27682641db1c98fd2abf5a15849ae7378683ff984c0b329ca587400579b1bb4c0481d384265ebd340d0d6fa630cae2cfe1cfd21eb96594b94ce7c90f3301
SSDEEP

3072:XFArcQBytTWnqTEWlzbpaJIyD0CjTxtCDaQs6ju+ICYJgiy:XFa7BKTWnqTEWlzbp5ETG2YaJgi

Score

N/A

Malware Config

Signatures

Files

61079c3fda687851fe7f6021c4fe252657a87d2d00af8901e068d179dea4b8c7
.exe windows x86

f91edcceb94100d82334b6c4fafbe1f8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyA
RegCloseKey
RegSetValueA
RegOpenKeyA
RegQueryValueA
RegDeleteKeyA
RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA
IsTextUnicode
DeregisterEventSource
ReportEventW
LookupAccountNameW
GetUserNameW
RegisterEventSourceW
ImpersonateLoggedOnUser
RegOpenKeyExW
RegCreateKeyExA
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegSetValueExA

kernel32

GetCommandLineA
lstrlenW
GetCommandLineW
HeapAlloc
HeapFree
GetProcessHeap
GetProcAddress
GetModuleFileNameA
CreateEventA
CreateThread
CloseHandle
SetEvent
FormatMessageW
LocalAlloc
LocalFree
FormatMessageA
GetVersionExA
GetModuleFileNameW
LoadLibraryA
FreeLibrary
lstrlenA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
OutputDebugStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
MultiByteToWideChar
WideCharToMultiByte
GetLastError
GetStartupInfoA
GetModuleHandleA
ExitProcess
InterlockedDecrement
InterlockedExchange
InterlockedCompareExchange
InterlockedIncrement
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetACP
FindClose
CreateFileW
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetPrivateProfileIntW
GetPrivateProfileIntA
GetPrivateProfileStringW
GetPrivateProfileStringA
GetFullPathNameW
GetFullPathNameA
GetLocaleInfoA
LoadLibraryExA
HeapReAlloc
GetStdHandle
GetConsoleMode
GetSystemDirectoryA
GetTempPathA
GetTempFileNameA
FindFirstFileA
GetFileAttributesA
FindFirstFileW
GetFileAttributesW
GetCPInfo
GetUserDefaultLCID
FlushFileBuffers
WriteFile
CreateFileA

user32

KillTimer
PostQuitMessage
DefWindowProcA
SetTimer
SetWindowLongA
EnumThreadWindows
CreateWindowExA
RegisterClassA
GetClassInfoA
CharNextA
LoadStringA
LoadStringW
IsWindowVisible
PostMessageA
SendMessageA
MsgWaitForMultipleObjects
PeekMessageA
TranslateMessage
GetParent
PostThreadMessageA
MessageBoxW
GetActiveWindow
DispatchMessageA
GetMessageA
GetClassNameA
GetWindowLongA

msvcrt

??2@YAPAXI@Z
memset
_endthread
_beginthread
_vsnprintf
_errno
_isatty
_write
_lseeki64
_fileno
__pioinfo
__badioinfo
ferror
wctomb
_itoa
_snprintf
isleadbyte
mbtowc
free
malloc
memmove
memcpy
_iob
__mb_cur_max
_swab
wcsrchr
_itow
??3@YAXPAX@Z

oleaut32

UnRegisterTypeLi
LoadTypeLibEx
SysAllocString
LoadRegTypeLi
SysStringLen
SysAllocStringLen
SysFreeString
SafeArrayGetLBound
SafeArrayCopy
SafeArrayCreate
SafeArrayPutElement
SafeArrayDestroy
SafeArrayGetUBound
SafeArrayGetElement
VariantChangeType
LoadTypeLi
VariantInit
VariantCopy
VariantClear
CreateErrorInfo
SetErrorInfo
SysAllocStringByteLen

ole32

CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
CoUninitialize
CoInitialize
CoCreateInstance
CoRevokeClassObject
CoRegisterClassObject
StringFromCLSID
CoGetMalloc
CreateBindCtx
CreateFileMoniker
CoInitializeSecurity
CoRegisterMessageFilter
CLSIDFromString
CLSIDFromProgID
MkParseDisplayName
CoGetClassObject

version

GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f91edcceb94100d82334b6c4fafbe1f8

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

msvcrt

oleaut32

ole32

version

Sections

.text Size: 80KB - Virtual size: 76KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 40KB - Virtual size: 37KB

.reloc Size: 52KB - Virtual size: 52KB

.text
Size: 80KB - Virtual size: 76KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 40KB - Virtual size: 37KB

.reloc
Size: 52KB - Virtual size: 52KB