994085c38111d83863a969a7baea21e6b52238b6218fde24c26fedadb885dc35

Sharing

Copy URL

Twitter E-mail

General

Target

994085c38111d83863a969a7baea21e6b52238b6218fde24c26fedadb885dc35
Size

492KB
MD5

846d62c75a33ec1c85e50435b6dbed55
SHA1

425c1e70d448208cfec34a582c2aaebb50442331
SHA256

994085c38111d83863a969a7baea21e6b52238b6218fde24c26fedadb885dc35
SHA512

9ce11dcea294747cd6b19c6311bea6cb3a0141b85727c7ef919ff664a9855d0488604610942009b65891e450359aa09601c76d486d3f1f1d6535f73c4888f6d0
SSDEEP

12288:GSBxx1sUUuCLyDEhAZ63AnZ6wITRHhiVK4p0WzVd65VUbtJwfXv:pxxe/uCLyDE+83sZ6VRHgTi5VSHwfX

Score

N/A

Malware Config

Signatures

Files

994085c38111d83863a969a7baea21e6b52238b6218fde24c26fedadb885dc35
.exe windows x86

263c874eff48d6bf529c3a0c336e4135

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
GetCommandLineA
HeapDestroy
InterlockedExchange
TlsFree
OpenMutexA
CreateFileA
WriteFile
DeleteCriticalSection
GetCPInfo
GetConsoleOutputCP
GetCurrentProcess
GetStringTypeA
HeapFree
SetConsoleCtrlHandler
IsValidCodePage
CreateMutexA
ExitProcess
SetStdHandle
HeapAlloc
QueryPerformanceCounter
TerminateProcess
SetLastError
GetTimeFormatA
SetFilePointer
InterlockedDecrement
WriteConsoleA
GetEnvironmentStrings
ReadFile
InitializeCriticalSection
EnterCriticalSection
TlsAlloc
HeapCreate
SetEnvironmentVariableA
LoadLibraryA
WideCharToMultiByte
GetSystemTimeAsFileTime
GetModuleFileNameA
GetTickCount
VirtualQuery
InterlockedIncrement
GetLastError
GetVersionExA
FreeEnvironmentStringsA
EnumSystemLocalesA
WriteConsoleW
GetFileType
HeapSize
GetLocaleInfoW
IsDebuggerPresent
FreeEnvironmentStringsW
RtlUnwind
CompareStringA
GetCurrentThreadId
GetStdHandle
IsValidLocale
FreeLibrary
GetOEMCP
VirtualFree
SetHandleCount
GetThreadPriority
LeaveCriticalSection
SetUnhandledExceptionFilter
GetEnvironmentStringsW
TlsGetValue
GetProcessHeap
GetLocaleInfoA
GetACP
GetCurrentProcessId
CompareStringW
GetStringTypeW
GetCurrentThread
GetConsoleCP
LCMapStringW
VirtualAlloc
Sleep
GetProcAddress
HeapReAlloc
GetDateFormatA
TlsSetValue
UnhandledExceptionFilter
CloseHandle
FindNextChangeNotification
LCMapStringA
GetTimeZoneInformation
MultiByteToWideChar
GetStartupInfoA
GetModuleHandleA
GetUserDefaultLCID
GetConsoleMode

advapi32

RegCreateKeyExA
CryptAcquireContextW
CryptVerifySignatureW
RegNotifyChangeKeyValue
RegQueryValueW
LookupPrivilegeNameW
RegQueryValueExW
RegDeleteValueA
RegEnumKeyA
CryptDestroyKey
CryptSignHashW
LookupPrivilegeNameA
LookupSecurityDescriptorPartsA
RegCreateKeyW
CryptGetKeyParam
RegLoadKeyA
CryptGenRandom
CryptSetProviderW

user32

RegisterClassA
GetClipboardFormatNameA
DefWindowProcW
LoadStringW
ShowWindowAsync
GetKBCodePage
GetDlgCtrlID
GetClassWord
DdeImpersonateClient
IsDlgButtonChecked
GetKeyboardType
VkKeyScanW
DdeInitializeW
GetActiveWindow
RegisterClassExA
IsCharAlphaA
GetMenuCheckMarkDimensions

gdi32

InvertRgn
PlayMetaFile
EnumFontsA

comctl32

InitCommonControlsEx

Sections

.text
Size: 341KB - Virtual size: 341KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

263c874eff48d6bf529c3a0c336e4135

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

comctl32

Sections

.text Size: 341KB - Virtual size: 341KB

.rdata Size: 35KB - Virtual size: 64KB

.data Size: 104KB - Virtual size: 104KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 341KB - Virtual size: 341KB

.rdata
Size: 35KB - Virtual size: 64KB

.data
Size: 104KB - Virtual size: 104KB

.rsrc
Size: 10KB - Virtual size: 9KB