5938a21a2c414dc15bb3b03417bf3a28170ca873a26bfb5473a34b649bf56b46

Sharing

Copy URL Twitter E-mail

General

Target

5938a21a2c414dc15bb3b03417bf3a28170ca873a26bfb5473a34b649bf56b46
Size

319KB
MD5

ac3a63fe18da85f1166918df4bfa7de5
SHA1

1de581e8bf73451b9f9c6a152c12f322f79f3f84
SHA256

5938a21a2c414dc15bb3b03417bf3a28170ca873a26bfb5473a34b649bf56b46
SHA512

51d673a5156b36b884ea5cb02e25a7c2436878364b43a33ffaaa6ea6a49d245cd8b0d728bc8558a6418e94d28c9d2bb75661f90d5dd7c44f9672adb349ca096c
SSDEEP

6144:XY5Y+cSxkeQv16oLvCtdPxAtJa7vV9eaLl5bytjP:XYtcSx7QvLqtdPxAqjV9Z5K

Score

N/A

Malware Config

Signatures

Files

5938a21a2c414dc15bb3b03417bf3a28170ca873a26bfb5473a34b649bf56b46
.exe windows x86

b64c9a6bc7f6aa57a92822ef2248f07b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
DoDragDrop
OleInitialize
CoTaskMemAlloc
CoCreateInstance
PropVariantClear
CoTaskMemFree
ReleaseStgMedium
CoInitializeEx
CoUninitialize

advapi32

RegQueryValueExW
RegEnumValueW
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegSetValueExW

comctl32

ImageList_AddMasked
ImageList_Destroy
ImageList_Create

kernel32

GetStringTypeW
FreeEnvironmentStringsW
DisableThreadLibraryCalls
GlobalDeleteAtom
GetCurrentProcess
ResetWriteWatch
RequestWakeupLatency
TransmitCommChar
MulDiv
OpenProcess
SetMessageWaitingIndicator
ClearCommError
SetProcessPriorityBoost
SetSystemTimeAdjustment
AssignProcessToJobObject
FlushViewOfFile
GetFileAttributesExW
CreateFileMappingW
RequestDeviceWakeup
GetStdHandle
GetThreadPriority
GetNamedPipeHandleStateA
FlushInstructionCache
GetCommMask
GetProcessIoCounters
ReleaseMutex
GetCommandLineA
GetStartupInfoA
SetUnhandledExceptionFilter
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b64c9a6bc7f6aa57a92822ef2248f07b

Headers

DLL Characteristics

File Characteristics

Imports

ole32

advapi32

comctl32

kernel32

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 87KB - Virtual size: 5.9MB

.rsrc Size: 193KB - Virtual size: 193KB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 87KB - Virtual size: 5.9MB

.rsrc
Size: 193KB - Virtual size: 193KB