707265a9ad832ec91e8b42cb3f90e92142a9f5dc95b4e106294f822724a325a3

Sharing

Copy URL Twitter E-mail

General

Target

707265a9ad832ec91e8b42cb3f90e92142a9f5dc95b4e106294f822724a325a3
Size

487KB
MD5

90652c2059129c1bf6c6e29fcd24b590
SHA1

670b8bd2713a006060d1e99d89821b0237f5c817
SHA256

707265a9ad832ec91e8b42cb3f90e92142a9f5dc95b4e106294f822724a325a3
SHA512

7992ccb042abb4143932f8afc3670e684c94e4a3b1b844f97ddcf6a74cee9846a57ab523f20d779103c4fbbcc6f46174098a44d4ca01a5077bf9b7ae2a569c0a
SSDEEP

12288:Q97KcMz/OFRSlfJBid3JdiWHD7K20eNq+/TPciv5ELDFZW7:c7Kp/OFRSlf2rybeN77PxRcw

Score

N/A

Malware Config

Signatures

Files

707265a9ad832ec91e8b42cb3f90e92142a9f5dc95b4e106294f822724a325a3
.exe windows x86

5ea68be402e813c1429c6ce44e902c4e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSaveKeyA
RegSetValueA
RegQueryInfoKeyA
CryptDeriveKey
RegReplaceKeyA
ReportEventW
LookupPrivilegeValueA
RegCreateKeyExA
CryptDestroyHash
RegDeleteValueW
RegOpenKeyExA
AbortSystemShutdownW
CryptDuplicateHash

comctl32

CreateMappedBitmap
ImageList_Create
CreateStatusWindowA
CreateStatusWindowW
MakeDragList
CreatePropertySheetPageA
InitCommonControlsEx
ImageList_GetFlags
ImageList_BeginDrag
ImageList_Replace
ImageList_SetOverlayImage

user32

RegisterDeviceNotificationW
MessageBoxA
GetClassNameW
WinHelpW
CreateWindowExW
IsCharLowerW
UnloadKeyboardLayout
DefWindowProcW
DialogBoxIndirectParamW
GetAncestor
DestroyWindow
TrackPopupMenu
ExcludeUpdateRgn
SetUserObjectSecurity
IsZoomed
DdeDisconnect
ShowWindow
RegisterClassExA
RegisterClassA

comdlg32

FindTextW
ChooseFontW

kernel32

GetStdHandle
InterlockedDecrement
CompareStringW
HeapReAlloc
SetLastError
MultiByteToWideChar
OpenMutexA
TlsGetValue
GetCurrentThread
UnhandledExceptionFilter
InterlockedIncrement
GetStartupInfoW
GetNamedPipeInfo
WideCharToMultiByte
DeleteCriticalSection
GetCommandLineA
LeaveCriticalSection
GetModuleFileNameW
GetCPInfo
HeapCreate
TlsAlloc
LCMapStringA
GetTempFileNameA
FindResourceA
GetTimeFormatW
GetFileType
CompareStringA
GetLocalTime
VirtualQuery
EnterCriticalSection
SetEnvironmentVariableA
HeapAlloc
WriteFile
FreeEnvironmentStringsA
GetProcAddress
SetStdHandle
LoadLibraryA
GetStringTypeA
SetFilePointer
GetEnvironmentStringsW
FillConsoleOutputAttribute
InterlockedExchange
GetTimeZoneInformation
GetCurrentProcess
TerminateProcess
TlsFree
GetSystemTimeAsFileTime
RtlUnwind
CreateMutexA
GetTickCount
GetModuleHandleA
GetSystemTime
SetHandleCount
GetProfileStringA
HeapDestroy
IsBadWritePtr
GetLastError
GetVersion
VirtualFree
CloseHandle
GetEnvironmentStrings
TlsSetValue
ExitProcess
LCMapStringW
FreeEnvironmentStringsW
FlushFileBuffers
InitializeCriticalSection
HeapFree
QueryPerformanceCounter
ReadFile
GetStringTypeW
GetCurrentThreadId
GetCommandLineW
GetModuleFileNameA
GetCurrentProcessId
GetStartupInfoA
VirtualAlloc

shell32

ShellAboutW
SheGetDirA
ExtractAssociatedIconW
SHQueryRecycleBinA

Sections

.text
Size: 306KB - Virtual size: 306KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ea68be402e813c1429c6ce44e902c4e

Headers

File Characteristics

Imports

advapi32

comctl32

user32

comdlg32

kernel32

shell32

Sections

.text Size: 306KB - Virtual size: 306KB

.rdata Size: 61KB - Virtual size: 71KB

.data Size: 111KB - Virtual size: 111KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 306KB - Virtual size: 306KB

.rdata
Size: 61KB - Virtual size: 71KB

.data
Size: 111KB - Virtual size: 111KB

.rsrc
Size: 6KB - Virtual size: 6KB