a758cb3c663a6d38d2fc46c611465ede7f2cba18f49ef4ab4e05f9b2ca84c685

Sharing

Copy URL Twitter E-mail

General

Target

a758cb3c663a6d38d2fc46c611465ede7f2cba18f49ef4ab4e05f9b2ca84c685
Size

313KB
MD5

c4c51d6c621ecc815b361f1293c48f37
SHA1

6bf3653ebb5fd0eddbe94f1b83f7c401af3e1917
SHA256

a758cb3c663a6d38d2fc46c611465ede7f2cba18f49ef4ab4e05f9b2ca84c685
SHA512

041cb82b28d110c3db2da22b38e8b949f35a59e17067b1ef33e07598129f15d737d81fefd1aaf7f24b11a819283586bfb28f3183cb0cca2a624053f0f6f268e3
SSDEEP

6144:ZCUYVZ1ktxr13KG8uyfHej7pbWcqkEfsgRsRXmYHjQd+MJkBDUHYDMb:4zepUfHej7FW9xs7jQ7mY4U

Score

N/A

Malware Config

Signatures

Files

a758cb3c663a6d38d2fc46c611465ede7f2cba18f49ef4ab4e05f9b2ca84c685
.exe windows x86

21b220fa09b89e85d3d710fae6beb6ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

RpcStringFreeA
UuidToStringA
UuidCreate

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize

shell32

SHGetFolderPathA

user32

MessageBoxA
GetSystemMetrics

advapi32

RegOpenKeyExA
SetSecurityDescriptorDacl
RegCloseKey
RegSetValueExA
ImpersonateSelf
RevertToSelf
RegQueryValueExA
InitializeSecurityDescriptor

oleaut32

SysAllocStringByteLen
SysFreeString

kernel32

IsBadCodePtr
TlsSetValue
lstrcmpiA
SetEndOfFile
FreeLibrary
SetUnhandledExceptionFilter
TryEnterCriticalSection
DeleteCriticalSection
WriteFile
VirtualQuery
HeapSize
SetHandleCount
FormatMessageA
SetStdHandle
CreateDirectoryA
OutputDebugStringA
HeapDestroy
GetCommandLineA
LeaveCriticalSection
RtlUnwind
VirtualAlloc
FreeEnvironmentStringsA
HeapAlloc
GetCurrentDirectoryA
LocalFree
GetUserDefaultLCID
ReadFile
IsValidLocale
TlsAlloc
GetLocalTime
GetOEMCP
WideCharToMultiByte
VirtualProtect
CloseHandle
FreeEnvironmentStringsW
SetFilePointer
LoadLibraryExA
TlsGetValue
WaitForSingleObject
GetCurrentThreadId
HeapFree
CreateMutexA
SetLastError
TlsFree
EnterCriticalSection
GetSystemInfo
HeapReAlloc
GetSystemTimeAsFileTime
DeleteFileA
ReleaseMutex
IsValidCodePage
GetFileType
UnhandledExceptionFilter
RaiseException
CreateFileA
GetStdHandle
TerminateThread
LCMapStringA
GetModuleHandleA
GetACP
FlushFileBuffers
VirtualFree
LCMapStringW
EnumSystemLocalesA
VirtualAllocEx

comctl32

ImageList_LoadImageW
ImageList_SetBkColor
FlatSB_EnableScrollBar
FlatSB_GetScrollPos
ImageList_ReplaceIcon
CreateStatusWindowW
ImageList_Remove
ImageList_Write
FlatSB_GetScrollInfo
ImageList_Destroy
FlatSB_SetScrollRange

tsbyuv

DriverProc

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 282KB - Virtual size: 993KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21b220fa09b89e85d3d710fae6beb6ff

Headers

File Characteristics

Imports

rpcrt4

ole32

shell32

user32

advapi32

oleaut32

kernel32

comctl32

tsbyuv

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 282KB - Virtual size: 993KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 282KB - Virtual size: 993KB

.rsrc
Size: 6KB - Virtual size: 5KB