1fcbae8fa3e8c57acbf89331b16b9fc2c817e019390baad837ab9417dd73d95b

Sharing

Copy URL Twitter E-mail

General

Target

1fcbae8fa3e8c57acbf89331b16b9fc2c817e019390baad837ab9417dd73d95b
Size

104KB
MD5

28c24cc5aab3cc7c82fa7bb91d1c13b1
SHA1

8d3ce8eb2a05ac93450e3f99c85f245bc1613fae
SHA256

1fcbae8fa3e8c57acbf89331b16b9fc2c817e019390baad837ab9417dd73d95b
SHA512

0e4c8927db4fabd5eedc1d2891ef715a82c20e0ca198298406f29ad5e5cff6b0704a43dd6ea7cff0c3454c4cdd7ab2b0472788974a9cec5c2b93808783bc9362
SSDEEP

1536:rB1qOZ6Teg/bqDLujkeqQLC1fAnnBvoCfl19q2Bba4SQ1t4H:t1hG/WDLoL0fAnnBvoCfJNaqb4

Score

N/A

Malware Config

Signatures

Files

1fcbae8fa3e8c57acbf89331b16b9fc2c817e019390baad837ab9417dd73d95b
.exe windows x86

a218106974a7fb92be6e45e5fb4f69c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryW
CopyFileW
GetModuleFileNameW
GetLastError
FindFirstFileW
GetSystemDirectoryW
OpenProcess
CreateRemoteThread
GetProcAddress
GetModuleHandleW
WideCharToMultiByte
GetCurrentProcessId
WriteProcessMemory
VirtualAllocEx
GetExitCodeThread
GetModuleFileNameA
ExitThread
LoadLibraryA
FindNextFileA
lstrcmpA
FindFirstFileA
lstrcpynA
CopyFileA
GetTickCount
lstrcatA
ReadFile
GetFileSize
GetSystemTime
SetFileAttributesA
LockResource
LoadResource
SizeofResource
FindResourceA
FindClose
GetCurrentProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
CreateProcessA
CreateEventA
WinExec
GetDriveTypeA
WritePrivateProfileStringA
GetWindowsDirectoryA
CompareStringA
GetStringTypeW
GetStringTypeA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
MultiByteToWideChar
FlushFileBuffers
SetStdHandle
CompareStringW
HeapReAlloc
VirtualAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
SystemTimeToFileTime
CreateFileW
SetFileTime
SetFileAttributesW
Sleep
CreateThread
GetSystemDirectoryA
DeleteFileA
CreateFileA
SetFilePointer
CloseHandle
WriteFile
GetModuleHandleA
lstrlenA
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
HeapFree
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetLocalTime
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFileAttributesA
ExitProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
GetVersion
HeapAlloc

user32

KillTimer
PostQuitMessage
SetTimer
DefWindowProcA
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
DispatchMessageA
TranslateMessage
CharUpperA
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
GetParent
GetWindowTextA
wsprintfA
GetKeyNameTextA
GetKeyboardState
ToAscii
GetMessageA

gdi32

GetStockObject

advapi32

RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegSetValueExA
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegCreateKeyExA

shell32

ShellExecuteA

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameW

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a218106974a7fb92be6e45e5fb4f69c5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

psapi

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 68KB - Virtual size: 124KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 68KB - Virtual size: 124KB