8fcab3764e4ffdfdcd2804495c84f1757e467c6acfb0b373269e91ae3a0b4feb

Sharing

Copy URL Twitter E-mail

General

Target

8fcab3764e4ffdfdcd2804495c84f1757e467c6acfb0b373269e91ae3a0b4feb
Size

55KB
MD5

daab3bd1863773d4141a1c67e10b9654
SHA1

f5b1c2ef322bd953d9e8d7bdf02f6abd8fce5aae
SHA256

8fcab3764e4ffdfdcd2804495c84f1757e467c6acfb0b373269e91ae3a0b4feb
SHA512

945c8ec4806dcfce4195c58feec961f995bbe2aa95ecd46f540adcb772f7dbb357fc266b2ed9a5d8a30f0c8e8fd4210a07f5795f25a266fd339462794e41dfd2
SSDEEP

1536:ziVdQwQ8WaP6eIYwDBLxtEmJw++++++++++++++++++++++++++++++++++++++q:OcB8W1eI3DBLxtC++++++++++++++++u

Score

N/A

Malware Config

Signatures

Files

8fcab3764e4ffdfdcd2804495c84f1757e467c6acfb0b373269e91ae3a0b4feb
.exe windows x86

d16bf13b8ab71cd230175c6889d05946

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
DeleteFileA
GetProcAddress
LoadLibraryA
SetFileAttributesA
MoveFileExA
MoveFileA
GetTickCount
GetTempPathA
HeapAlloc
GetProcessHeap
VirtualProtect
IsBadReadPtr
FreeLibrary
lstrlenA
GlobalMemoryStatus
GetSystemInfo
lstrcatA
OpenEventA
SetUnhandledExceptionFilter
SetErrorMode
CreateMutexA
CopyFileA
GetShortPathNameA
RaiseException
LocalAlloc
GetStartupInfoA
GetModuleHandleA
GetCurrentProcess
SetPriorityClass
GetCurrentThread
SetThreadPriority
ResumeThread
CreateThread
TerminateThread
lstrcpyA
CreateProcessA
GetLastError
OutputDebugStringA
GetFileAttributesA
ReadFile
GetCurrentThreadId
GetEnvironmentVariableA
GetWindowsDirectoryA
GetFileSize
CreateFileA
InitializeCriticalSection
SetFilePointer
WriteFile
CancelIo
InterlockedExchange
SetEvent
Sleep
ResetEvent
WaitForSingleObject
CloseHandle
CreateEventA
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
VirtualFree
DeleteCriticalSection
GetVersionExA

user32

wsprintfA
MessageBoxA
OpenDesktopA
GetMessageA
GetInputState
RegisterClassA
LoadCursorA
LoadIconA
CloseDesktop
SetThreadDesktop
OpenInputDesktop
GetUserObjectInformationA
GetThreadDesktop
GetLastInputInfo
OpenWindowStationA
GetProcessWindowStation

gdi32

GetStockObject

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA
OpenSCManagerA
OpenServiceA
DeleteService
RegCreateKeyA
RegSetValueExA
OpenEventLogA
ClearEventLogA
CloseEventLog
RegCreateKeyExA
StartServiceCtrlDispatcherA
CloseServiceHandle
StartServiceA
UnlockServiceDatabase
ChangeServiceConfig2A
LockServiceDatabase
CreateServiceA
RegOpenKeyExA
SetServiceStatus

shell32

SHGetSpecialFolderPathA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysFreeString

msvcrt

exit
_strnicmp
_stricmp
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_onexit
__dllonexit
_beginthreadex
strncmp
rand
atoi
??3@YAXPAX@Z
memmove
ceil
_ftol
strlen
memcpy
__CxxFrameHandler
??2@YAPAXI@Z
memcmp
memset
strcpy
strcat
strrchr
malloc
realloc
_except_handler3
strchr
strncat

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d16bf13b8ab71cd230175c6889d05946

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

msvcrt

Sections

.text Size: 23KB - Virtual size: 23KB

������ Size: 3KB - Virtual size: 3KB

.rsrc Size: 27KB - Virtual size: 26KB

.text
Size: 23KB - Virtual size: 23KB

��
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 27KB - Virtual size: 26KB