baf7364a8e38e47998fc9c2c591dbd3a695c913810383ad5fdd6d919086af700

General

Target

baf7364a8e38e47998fc9c2c591dbd3a695c913810383ad5fdd6d919086af700
Size

259KB
MD5

20e943a46d850ab61d7b2b59752c38d8
SHA1

b05d8b90c12223f50804f993121b7a2e761ac918
SHA256

baf7364a8e38e47998fc9c2c591dbd3a695c913810383ad5fdd6d919086af700
SHA512

8417aa710b5a92ec78403de5063dd1a18350c84047121bffd0074853ee1e3505c6689e2210f4b7271154acc11c8308eeecce0b251a3ff95dad25cf73dc5f7a10
SSDEEP

6144:3cELkOpdEqdtQkPq71NWqynkkTHds5DeVAL6AEQESU9H:sOlSqcR71AqykkTaDIMIUU9

Score

N/A

Malware Config

Signatures

Files

baf7364a8e38e47998fc9c2c591dbd3a695c913810383ad5fdd6d919086af700
.exe windows x86

c841a3c95bfa82e97764681d09d3dc00

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetLastError
lstrlenA
CreateDirectoryA
CloseHandle
CreateProcessA
GetTempPathA
GetLocalTime
GetEnvironmentVariableA
GetCurrentProcessId
GetFileSize
CreateFileA
SetEndOfFile
SetFilePointer
WriteFile
InitializeCriticalSection
LoadLibraryA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
FreeLibrary
GetCurrentProcess
InterlockedIncrement
LocalFree
FormatMessageA
HeapFree
HeapAlloc
InterlockedDecrement
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameA
GetPrivateProfileIntA
GetPrivateProfileStringA
SetErrorMode
ReadFile
FlushFileBuffers
SetStdHandle
ExpandEnvironmentStringsA
GetFileAttributesA
GetModuleHandleA
GetProcAddress
GetVersionExA
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
VirtualAlloc
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
ExitProcess
GetCPInfo
GetACP
GetOEMCP
HeapReAlloc
TerminateProcess
HeapSize
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 192KB - Virtual size: 496KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c841a3c95bfa82e97764681d09d3dc00

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 1KB - Virtual size: 1KB

.vmp0 Size: 192KB - Virtual size: 496KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 1KB - Virtual size: 1KB

.vmp0
Size: 192KB - Virtual size: 496KB