205c7628a86c3a76acce71f5c26aa9e48aaaf998d7ac6774a2fe514762cd78ae

Sharing

Copy URL Twitter E-mail

General

Target

205c7628a86c3a76acce71f5c26aa9e48aaaf998d7ac6774a2fe514762cd78ae
Size

104KB
MD5

d6366ca7fed7c4b92dc9fbabca5d6fab
SHA1

a44f909319b89ef6187e43988dc74e8484b9ac6d
SHA256

205c7628a86c3a76acce71f5c26aa9e48aaaf998d7ac6774a2fe514762cd78ae
SHA512

7da44231460fdf3d22ff77217669ad36f78ce32ec026254b8f84d57ce07195da7465114ec7e860b7edcc0bec27b86323a01823a25fc9580233b3ad6f56f6ee8b
SSDEEP

1536:oB1qOZ6Teg/bqDLujkeqQLC1fAnnBvoCfl19q2Bba4SQ1t4H:01hG/WDLoL0fAnnBvoCfJNaqb4

Score

N/A

Malware Config

Signatures

Files

205c7628a86c3a76acce71f5c26aa9e48aaaf998d7ac6774a2fe514762cd78ae
.exe windows x86

a218106974a7fb92be6e45e5fb4f69c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryW
CopyFileW
GetModuleFileNameW
GetLastError
FindFirstFileW
GetSystemDirectoryW
OpenProcess
CreateRemoteThread
GetProcAddress
GetModuleHandleW
WideCharToMultiByte
GetCurrentProcessId
WriteProcessMemory
VirtualAllocEx
GetExitCodeThread
GetModuleFileNameA
ExitThread
LoadLibraryA
FindNextFileA
lstrcmpA
FindFirstFileA
lstrcpynA
CopyFileA
GetTickCount
lstrcatA
ReadFile
GetFileSize
GetSystemTime
SetFileAttributesA
LockResource
LoadResource
SizeofResource
FindResourceA
FindClose
GetCurrentProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
CreateProcessA
CreateEventA
WinExec
GetDriveTypeA
WritePrivateProfileStringA
GetWindowsDirectoryA
CompareStringA
GetStringTypeW
GetStringTypeA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
MultiByteToWideChar
FlushFileBuffers
SetStdHandle
CompareStringW
HeapReAlloc
VirtualAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
SystemTimeToFileTime
CreateFileW
SetFileTime
SetFileAttributesW
Sleep
CreateThread
GetSystemDirectoryA
DeleteFileA
CreateFileA
SetFilePointer
CloseHandle
WriteFile
GetModuleHandleA
lstrlenA
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
HeapFree
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetLocalTime
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFileAttributesA
ExitProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
GetVersion
HeapAlloc

user32

KillTimer
PostQuitMessage
SetTimer
DefWindowProcA
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
DispatchMessageA
TranslateMessage
CharUpperA
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
GetParent
GetWindowTextA
wsprintfA
GetKeyNameTextA
GetKeyboardState
ToAscii
GetMessageA

gdi32

GetStockObject

advapi32

RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegSetValueExA
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegCreateKeyExA

shell32

ShellExecuteA

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameW

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a218106974a7fb92be6e45e5fb4f69c5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

psapi

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 68KB - Virtual size: 136KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 68KB - Virtual size: 136KB