2b94663cdb92d10e500356dcb69f9a79a4ac79a5bf9e12335b229a2dff223d79

Sharing

Copy URL Twitter E-mail

General

Target

2b94663cdb92d10e500356dcb69f9a79a4ac79a5bf9e12335b229a2dff223d79
Size

42KB
MD5

a33c497d2408d3caee25cd8d4bb978b6
SHA1

ac5663f67d9d67234bf85595ffa4aab49b9fdb95
SHA256

2b94663cdb92d10e500356dcb69f9a79a4ac79a5bf9e12335b229a2dff223d79
SHA512

5a13f83efcce5bcd0d1df1d53e4591cbc44846830df38de03336afc3c6b64b4e2549c45216e343c0388431ca9b4077b6741eb832522dde40cf92efe63b38cc69
SSDEEP

768:G4HSG2oLXxCALAtZ29WHEVGjgC9kF2sLRXeeGALPY4QB51Q2pg75tfl7LT4:vHSqLX0ALAPkMcxRxLpQnSAI3lLT4

Score

N/A

Malware Config

Signatures

Files

2b94663cdb92d10e500356dcb69f9a79a4ac79a5bf9e12335b229a2dff223d79
.exe windows x86

cd2368b7d21356a7d7915b25bec9437e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

kernel32

SetFilePointer
SetErrorMode
FreeLibrary
CreateProcessW
LoadLibraryExW
GetCurrentProcess
WaitForSingleObject
GetModuleHandleW
GetSystemDirectoryW
WideCharToMultiByte
FormatMessageW
GetExitCodeProcess
GetNativeSystemInfo
CreateFileW
lstrcmpW
lstrlenW
Wow64EnableWow64FsRedirection
GetLastError
GetProcAddress
LocalAlloc
IsWow64Process
HeapSetInformation
CloseHandle
UnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange
Sleep
GetCommandLineW
ReadFile
TerminateProcess
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount

user32

LoadStringW
CharNextW

msvcrt

_cexit
__p__fmode
__setusermatherr
_initterm
_wcmdln
?terminate@@YAXXZ
_controlfp
_except_handler4_common
_exit
__wgetmainargs
_amsg_exit
__p__commode
_XcptFilter
__argc
wcscpy_s
wcscat_s
__wargv
_wsplitpath_s
wcsncpy_s
swprintf_s
exit
__set_app_type
strcat_s
memset

ole32

OleInitialize
OleUninitialize

ntdll

EtwEventWriteNoRegistration
NtSetInformationProcess
RtlImageNtHeader

comctl32

ord344

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ffnofvc
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cd2368b7d21356a7d7915b25bec9437e

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

msvcrt

ole32

ntdll

comctl32

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 28KB - Virtual size: 29KB

ffnofvc Size: - Virtual size: 4KB

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 28KB - Virtual size: 29KB

ffnofvc
Size: - Virtual size: 4KB