146009a504b3bdc19e6792fad21d9d68c2c7bb98be2081729f039de8310ba1ee

General

Target

146009a504b3bdc19e6792fad21d9d68c2c7bb98be2081729f039de8310ba1ee
Size

20.0MB
MD5

9e558f92887acc86b341ce504e6cbaa9
SHA1

7ac37acbca603715c7b546ac78a645d6a97984e8
SHA256

146009a504b3bdc19e6792fad21d9d68c2c7bb98be2081729f039de8310ba1ee
SHA512

222567f0d273ce5a4747fa8e062626ef3b8594ee07f0c04efea364140b3d22dc6ac14500ead873aea22798f17e3cc524c42c36efdf8e912b1dd88c773b3632d6
SSDEEP

1536:hWkSXkzToXjFTapUAP5wRftw2bQFGZVH02wgOPPIve3DoyxPeu:3S1X5m5wRftw2rZe2wHXMe3Dsu

Score

N/A

Malware Config

Signatures

Files

146009a504b3bdc19e6792fad21d9d68c2c7bb98be2081729f039de8310ba1ee
.exe windows x86

c542d26838f395f4eda02602805962e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
FreeLibrary
GetProcAddress
GetLastError
VirtualAlloc
VirtualFree
TerminateProcess
GetModuleFileNameA
FindFirstFileA
FindClose
DeleteFileA
CreateDirectoryA
GetTempPathA
MoveFileA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapFree
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
WriteFile
GetCurrentProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
RtlUnwind
HeapAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
CreateFileA
HeapReAlloc
SetStdHandle
FlushFileBuffers
ReadFile
SetEndOfFile
CloseHandle
UnhandledExceptionFilter

user32

UpdateWindow
SetTimer
DialogBoxParamA
DestroyWindow
DefWindowProcA
BeginPaint
EndPaint
LoadStringA
PostQuitMessage
EndDialog
KillTimer
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA
ShowWindow

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c542d26838f395f4eda02602805962e4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 68KB - Virtual size: 70KB

.rsrc Size: 4KB - Virtual size: 688B

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 68KB - Virtual size: 70KB

.rsrc
Size: 4KB - Virtual size: 688B