cf62d780f624c01dab0843bae33a9363b79903b2b8419ff863b96916834805db

General

Target

cf62d780f624c01dab0843bae33a9363b79903b2b8419ff863b96916834805db
Size

68KB
MD5

8cb58671b50d0ab3976d99df572e30bf
SHA1

e56f078d1c5a661bc0f3ece7898ad4b9ce48f281
SHA256

cf62d780f624c01dab0843bae33a9363b79903b2b8419ff863b96916834805db
SHA512

ae214c98db41a72703a1363e3d267d002f7a31faa0d5956c44afa2618492423fbc2265c391ca5b29b40dc361b8f10d010357ebb97581569b477e567d5debd390
SSDEEP

1536:lYXY8lLadQPV9Z7uJ92dkAJj89bhTBeB++R5v:YY8NRV9ZSJ92aVJ5+R5

Score

N/A

Malware Config

Signatures

Files

cf62d780f624c01dab0843bae33a9363b79903b2b8419ff863b96916834805db
.exe windows x86

409e4537262ee041a85d70aa51062679

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
GetCurrentProcess
SetFilePointer
CloseHandle
GetModuleFileNameA
TlsAlloc
TlsGetValue
FreeLibrary
WideCharToMultiByte
LeaveCriticalSection
LCMapStringW
GetFileSize
GetLastError
LoadLibraryA
GetCurrentDirectoryA
GetModuleHandleA
GetProcAddress
GetVersionExA
GetLocalTime
GetProcessHeap
GetSystemTime
GetStringTypeA
LCMapStringA
MultiByteToWideChar
IsBadWritePtr
GetStringTypeW
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsFree
SetLastError
GetCurrentThread
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc

advapi32

EqualSid
RegDeleteKeyA
RegDeleteKeyW
CryptGenRandom
RegQueryInfoKeyW
InitializeAcl
RegEnumValueW
OpenServiceW
RegEnumValueA
RegOpenKeyExA
RegDeleteValueA
RegEnumKeyExA

user32

GetClipboardData
GetForegroundWindow
GetActiveWindow
MessageBoxW

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

409e4537262ee041a85d70aa51062679

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 4KB