488cad5ce671878561942d1705753a2a0bd3db29d67dfed437798400a287c8b6

Sharing

Copy URL Twitter E-mail

General

Target

488cad5ce671878561942d1705753a2a0bd3db29d67dfed437798400a287c8b6
Size

528KB
MD5

7fc23ef0277baf56a3d70af9e0889882
SHA1

088b1fcd8adf88baf00174c499f03925200dfb38
SHA256

488cad5ce671878561942d1705753a2a0bd3db29d67dfed437798400a287c8b6
SHA512

44d414df3a47dcf6b2daaf6af1cc52fa7ada563d588016e38ab2701bee75f3423f7ecd6c2e27520e765cb9e10a8c9960fb0039075f297c7376306eb33da0bad4
SSDEEP

12288:n21ZHPjUtcnRtcnRtcnRtcnRtcnltcnt:n2HUtcnRtcnRtcnRtcnRtcnltcn

Score

N/A

Malware Config

Signatures

Files

488cad5ce671878561942d1705753a2a0bd3db29d67dfed437798400a287c8b6
.exe windows x86

a8ff61ea2de80e4c230299182bffeb94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
TerminateProcess
SetEnvironmentVariableA
CompareStringW
CompareStringA
QueryPerformanceCounter
FlushFileBuffers
GetTimeZoneInformation
GetSystemInfo
VirtualProtect
SetConsoleCtrlHandler
GetCurrentProcessId
GetLastError
GetVersionExA
GetModuleFileNameA
GetCurrentThreadId
GetPrivateProfileIntA
GetCommandLineA
OutputDebugStringA
CreateFileA
SetFilePointer
GetLocalTime
WriteFile
CloseHandle
GetSystemDirectoryA
CreateProcessA
GetTickCount
lstrcpyA
GetModuleHandleA
GetProcAddress
GetLocaleInfoW
Sleep
VirtualFree
VirtualAlloc
RtlUnwind
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapDestroy
HeapCreate
FatalAppExitA
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
RaiseException
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
InterlockedExchange
VirtualQuery
LoadLibraryA
InitializeCriticalSection
SetStdHandle
GetSystemTimeAsFileTime

user32

PeekMessageA
PostMessageA
GetActiveWindow
EnumDisplaySettingsA
ChangeDisplaySettingsExA
wsprintfA
IntersectRect
WindowFromDC
MapWindowPoints
SystemParametersInfoA
GetWindowRect
GetSystemMetrics

gdi32

ExtEscape
CreateDCA
DeleteDC
GetClipBox

advapi32

RegisterServiceCtrlHandlerA
SetServiceStatus
DeleteService
CreateServiceA
RegCreateKeyA
RegSetValueExA
DeregisterEventSource
RegisterEventSourceA
ReportEventA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegOpenKeyA
RegFlushKey
RegCloseKey
StartServiceCtrlDispatcherA

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 392KB - Virtual size: 399KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a8ff61ea2de80e4c230299182bffeb94

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 92KB - Virtual size: 88KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 392KB - Virtual size: 399KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 92KB - Virtual size: 88KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 392KB - Virtual size: 399KB

.rsrc
Size: 24KB - Virtual size: 24KB