541b992d6a7ea9941332532c37f9531610f9be349d515aba613d31c7fe771ad0

Sharing

Copy URL Twitter E-mail

General

Target

541b992d6a7ea9941332532c37f9531610f9be349d515aba613d31c7fe771ad0
Size

553KB
MD5

3ad8fe1135298777d8fbd730e86e8083
SHA1

9925629823b5aae85a6e71cfbb2a5bb0c349dd45
SHA256

541b992d6a7ea9941332532c37f9531610f9be349d515aba613d31c7fe771ad0
SHA512

70048fea542bdf3da7b2d23037ee09710dac67b2180db266d5e599a21e0e58dc41852be14118f071864856a25b7b67ef9620babc7058faf64f5e0e29e87fa35d
SSDEEP

12288:hmqIfyYRZ4RbN+Lvb4eQmhYLNBZfKwz9yr:hmqIfyQaVoh2LNd5yr

Score

N/A

Malware Config

Signatures

Files

541b992d6a7ea9941332532c37f9531610f9be349d515aba613d31c7fe771ad0
.exe windows x86

30c7fac20b2addb83533a4a790e043b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptCreateHash
GetUserNameW
RegOpenKeyExA
CryptEncrypt
RegEnumValueA
CryptGetProvParam
DuplicateTokenEx
CryptAcquireContextA
LookupPrivilegeDisplayNameW
RegQueryMultipleValuesW
LookupAccountSidW
RegQueryValueExW

comctl32

InitCommonControlsEx

kernel32

GetTimeFormatA
HeapSize
HeapAlloc
LockFileEx
GetProcAddress
EnumSystemCodePagesW
EnumCalendarInfoW
TlsGetValue
GetEnvironmentStrings
FlushFileBuffers
InterlockedDecrement
VirtualFree
IsValidCodePage
GetTempPathA
WideCharToMultiByte
GetDateFormatA
TlsAlloc
WriteConsoleInputW
GetSystemDirectoryA
GetUserDefaultLCID
SetFilePointer
GetCurrentThread
GetThreadTimes
WriteFile
EnumSystemLocalesA
VirtualAlloc
FreeLibrary
QueryPerformanceCounter
ExitProcess
WriteConsoleW
HeapCreate
GetLocaleInfoA
GetProcessHeap
HeapFree
SetEnvironmentVariableA
FreeEnvironmentStringsW
SetLastError
CompareStringA
WriteConsoleA
GetTickCount
TerminateProcess
GetCalendarInfoW
GetCurrentProcess
HeapReAlloc
CompareStringW
GetCurrentProcessId
GetOEMCP
TlsSetValue
LoadLibraryA
VirtualQuery
IsValidLocale
GetACP
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
GetLastError
InterlockedIncrement
GetStringTypeA
IsDebuggerPresent
HeapDestroy
SetHandleCount
GetConsoleCP
GetStartupInfoA
GetConsoleMode
GetCurrentThreadId
GetVersionExA
GetStdHandle
CloseHandle
GetCPInfo
OpenMutexA
LCMapStringA
CreateFileA
GetStringTypeW
GetLocaleInfoW
SetStdHandle
GetTimeZoneInformation
GlobalUnfix
DeleteCriticalSection
SetConsoleCtrlHandler
CreateMutexA
ReadFile
GetModuleHandleA
UnhandledExceptionFilter
GetFileType
LeaveCriticalSection
LCMapStringW
GetConsoleOutputCP
GetCommandLineA
GetModuleFileNameA
Sleep
TlsFree
SetConsoleScreenBufferSize
GetSystemTimeAsFileTime
EnterCriticalSection
GetEnvironmentStringsW
InterlockedExchange
InitializeCriticalSection
MultiByteToWideChar
RtlUnwind

gdi32

StartPage
CreatePolyPolygonRgn
SetMetaFileBitsEx
UnrealizeObject
GetRegionData
FlattenPath
OffsetRgn
ExtTextOutA
GetObjectW
SetICMMode
SelectObject
CreateDIBPatternBrushPt
CreateDCW
SetBitmapDimensionEx

shell32

ShellAboutA
SHGetPathFromIDListA
SHLoadInProc
RealShellExecuteExA
DragQueryFileAorW

user32

GetScrollRange
RegisterClassA
EnumPropsExA
RegisterClassExA

wininet

FtpCreateDirectoryW
FtpCommandA
InternetSecurityProtocolToStringA
InternetSetCookieW
FtpPutFileW
FtpGetFileSize

Sections

.text
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 358KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30c7fac20b2addb83533a4a790e043b8

Headers

File Characteristics

Imports

advapi32

comctl32

kernel32

gdi32

shell32

user32

wininet

Sections

.text Size: 174KB - Virtual size: 174KB

.rdata Size: 10KB - Virtual size: 29KB

.data Size: 358KB - Virtual size: 357KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 174KB - Virtual size: 174KB

.rdata
Size: 10KB - Virtual size: 29KB

.data
Size: 358KB - Virtual size: 357KB

.rsrc
Size: 9KB - Virtual size: 8KB