ad0f0cceb051dd37419f6d950c6d11968d014e2a28afd80adfd766ffd8ce87e9

Sharing

Copy URL Twitter E-mail

General

Target

ad0f0cceb051dd37419f6d950c6d11968d014e2a28afd80adfd766ffd8ce87e9
Size

121KB
MD5

7a9bc24c456159222177998dfcc42919
SHA1

1a1cb0c002e4f313d81dcefa623e9abbbc6bf09f
SHA256

ad0f0cceb051dd37419f6d950c6d11968d014e2a28afd80adfd766ffd8ce87e9
SHA512

9ced0742b482d4de57f88f22637d461bacdb8b36d8384ceba06ce24b03f115434a8aeafbb4a26131416324173d532020e596a9ddce38a50e0152cf69531600c1
SSDEEP

3072:m/7WHIL0fraslEV3CMMJi2LTEj79TFSaj09CPXvAtsy3n/npF:m/7WHOlslEwi8EjlFbY+4Dn/np

Score

N/A

Malware Config

Signatures

Files

ad0f0cceb051dd37419f6d950c6d11968d014e2a28afd80adfd766ffd8ce87e9
.exe windows x86

baea2340b670609ce6731daf94227fa2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

IsValidSid
LookupAccountNameW
RegEnumValueW
GetCurrentHwProfileA
LookupPrivilegeNameA
AddAuditAccessAce
CryptSetProviderExA
RegOpenCurrentUser

user32

GetClassInfoW
GetSystemMetrics
SendMessageW
SetCaretBlinkTime
SwitchToThisWindow
DlgDirSelectComboBoxExA
OpenIcon
GetDCEx
ReleaseDC
OpenDesktopA
MapVirtualKeyExA
GetWindowLongA
GetKeyboardLayoutList
DefMDIChildProcW

msvcrt

iswspace
putc
abort
mbstowcs
rand
memset
memcpy

shell32

ord179

gdi32

SetMapMode
SetMetaFileBitsEx
AddFontResourceA
SetLayout
CreateBrushIndirect
GetEnhMetaFileA
ChoosePixelFormat
CreateEnhMetaFileA
StretchDIBits
DescribePixelFormat
GetICMProfileA
FlattenPath
CreateColorSpaceW
ColorCorrectPalette
GetPixel

kernel32

RegisterWaitForSingleObjectEx
SetLocalTime
VirtualLock
QueueUserWorkItem
GetOverlappedResult
GetProcessHeaps
CreateMailslotA
CreateFileA
MapViewOfFile
CloseHandle
GetFileSize
GetCommandLineA
GetModuleFileNameA
UnmapViewOfFile
LoadLibraryA
GetProcAddress
LocalAlloc
LocalFree
FreeLibrary
InterlockedExchange
GetLastError
CreateFileMappingA
OpenEventW
GetTimeZoneInformation
GetCurrencyFormatW
FillConsoleOutputCharacterA
VirtualQuery
RaiseException
VirtualFree
GetCPInfoExW
BackupRead
_lcreat
GetCompressedFileSizeA
EnumResourceNamesA
IsDBCSLeadByteEx
LocalSize
AddAtomA
EnumDateFormatsExA
ExitThread
lstrcmpA
SetConsoleWindowInfo
GetModuleHandleA
GetBinaryTypeA
lstrcatA
BackupWrite
lstrcpynA
FatalExit
GetProcessWorkingSetSize
ReplaceFileW
SetHandleCount
ReadFile
ReadConsoleOutputW

clusapi

ClusterRegQueryInfoKey

shlwapi

PathMakePrettyA
AssocQueryStringA
SHSkipJunction
PathBuildRootA
SHQueryValueExA
StrStrIW
PathIsNetworkPathW

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata1
Size: 512B - Virtual size: 447B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata0
Size: 512B - Virtual size: 510B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

QMst6
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

baea2340b670609ce6731daf94227fa2

Headers

File Characteristics

Imports

advapi32

user32

msvcrt

shell32

gdi32

kernel32

clusapi

shlwapi

Sections

.text Size: 112KB - Virtual size: 112KB

.idata1 Size: 512B - Virtual size: 447B

.idata0 Size: 512B - Virtual size: 510B

QMst6 Size: 3KB - Virtual size: 3KB

.data Size: 3KB - Virtual size: 4KB

.text
Size: 112KB - Virtual size: 112KB

.idata1
Size: 512B - Virtual size: 447B

.idata0
Size: 512B - Virtual size: 510B

QMst6
Size: 3KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 4KB