7f58252dc868f544301e01b46940efd11e34de9a2d5c6ce364abdd27705610c7

Sharing

Copy URL Twitter E-mail

General

Target

7f58252dc868f544301e01b46940efd11e34de9a2d5c6ce364abdd27705610c7
Size

643KB
MD5

435b28cfa596a3896feb45c9d77ab193
SHA1

52b1a9433039c4de1ba1605114ad7fd2058bb3df
SHA256

7f58252dc868f544301e01b46940efd11e34de9a2d5c6ce364abdd27705610c7
SHA512

1f9353df5c47936f762b1fb7bb7b512f40b092b7e52f3500f102407ea29455925327b57e214c1b55bdaeb0f4e0cd34fb1dbaac9b1270dcd94ff5adf6ac153072
SSDEEP

6144:HqDRlRtK03Kr79fGIk0IvoaK1f7W8DM+UAMBhPzptzU2aCP5y/P:HYRlRkOa7pG0rPbDwhrnzBaCBS

Score

N/A

Malware Config

Signatures

Files

7f58252dc868f544301e01b46940efd11e34de9a2d5c6ce364abdd27705610c7
.exe windows x86

245459f8c8d0d896355a0795220fa664

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileW
GetPrivateProfileSectionW
CreateDirectoryA
LoadLibraryExA
SetVolumeLabelA
GetProfileIntA
ReadConsoleOutputA
GetVersion
ReadDirectoryChangesW
GetComputerNameW
CompareStringW
GetModuleFileNameW
OpenMutexA
LoadResource
_lopen
SetThreadPriorityBoost
SetEndOfFile
ExitProcess
GlobalReAlloc
ReleaseMutex
IsDBCSLeadByteEx
LocalLock
CreateEventA
SetSystemTime
MoveFileW
GetProcessHeap
GetACP
GetSystemTimeAdjustment
GetOEMCP
SetThreadLocale

gdi32

EndDoc
GetRgnBox
PathToRegion
SetBitmapDimensionEx
SetPixelFormat
GetClipRgn

comdlg32

ReplaceTextA
GetOpenFileNameW

ole32

OleSetMenuDescriptor
CoRegisterMallocSpy
OleSaveToStream
CoLockObjectExternal

ws2_32

WSAConnect
gethostbyaddr
ntohl
getservbyname
WSAGetServiceClassInfoW
select
WSALookupServiceNextW
WSAAccept
WSASetBlockingHook
WSASetLastError

shell32

SHGetPathFromIDListA
SHAddToRecentDocs
SHGetSpecialFolderLocation
ShellExecuteA

user32

SystemParametersInfoW
SendDlgItemMessageA
IsDialogMessageW
MapVirtualKeyExW
GetClassNameA
IsCharLowerW
SetParent
CloseClipboard
ChangeMenuA
GetMessageExtraInfo
LoadKeyboardLayoutA
EmptyClipboard

advapi32

CryptExportKey
OpenEventLogW
OpenSCManagerW
NotifyBootConfigStatus
QueryServiceConfigA
AllocateAndInitializeSid
InitiateSystemShutdownA
GetSidLengthRequired
AccessCheckAndAuditAlarmW
SetTokenInformation
LookupPrivilegeDisplayNameA
ControlService
MakeSelfRelativeSD
RegEnumValueA
CryptReleaseContext

msvcrt

wcslen
fputc
_ismbblead
remove
_spawnlp
_open
iswprint
_stricmp
strncmp
strtod
_strnicmp
wcscpy
abort
swscanf
setbuf
_write
wcstombs
isupper
iswxdigit
_wstrtime
_mbsicmp
_wopen
__doserrno
_ltow
ceil
__p___argc
putchar

Sections

.text
Size: 304KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 323KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

245459f8c8d0d896355a0795220fa664

Headers

File Characteristics

Imports

kernel32

gdi32

comdlg32

ole32

ws2_32

shell32

user32

advapi32

msvcrt

Sections

.text Size: 304KB - Virtual size: 304KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 323KB - Virtual size: 323KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 304KB - Virtual size: 304KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 323KB - Virtual size: 323KB

.rsrc
Size: 10KB - Virtual size: 9KB