86e77f658207008863ac295d8aaae4edea5848bb481b2000de8d9fac4b86a45b

General

Target

86e77f658207008863ac295d8aaae4edea5848bb481b2000de8d9fac4b86a45b
Size

172KB
MD5

ac0b1faa52819773aa94bdf5f01f4884
SHA1

d8049980b551544aac7552fa5b9df82fbe2d4a27
SHA256

86e77f658207008863ac295d8aaae4edea5848bb481b2000de8d9fac4b86a45b
SHA512

9bb58f5aa23cc6a09a3b54ab2f7241ceb60413c9a3430cbecda0f8abf1047371ceed86823ada72668215269df8afdc4b3ff51405ba95d7719cd6858ef80377bf
SSDEEP

3072:4N/khD8E1YeRYgIhisoJINeQrJ6YUZRI2vxK+/o+lCiz3607xS6b1W:4tkhgGY4Ygpsoue2yZ2+Tg+lCiJM6b1W

Score

N/A

Malware Config

Signatures

Files

86e77f658207008863ac295d8aaae4edea5848bb481b2000de8d9fac4b86a45b
.exe windows x86

13f939d4b56fab1877fe2c466fc287b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHCreateDirectoryExW
CommandLineToArgvW
SHGetSpecialFolderLocation

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

gdi32

ArcTo
PolyDraw

user32

IsWindow

kernel32

UnhandledExceptionFilter
VirtualAlloc
VirtualFree
TerminateProcess
lstrlenW
ExitProcess
FindFirstFileW
FindNextFileW
GetCurrentProcessId
GetModuleHandleA
GetProcAddress
InterlockedExchange
SetUnhandledExceptionFilter
Sleep
VirtualProtect

msvcrt

_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_controlfp
_exit
_initterm
_ismbblead
_wcsdup
_wcslwr
exit
free
memset
printf
wcsstr
wprintf

Exports

Exports

AddStateStruct
Clear
CrackNotificationPackage
CreateDatabase
CryptAllocFunc
DeleteTempFile
GetCurrentIndex
GetObjidFromName
GetQueryParameterInfo
HrFindInetTimeZone
HrTtreamSeekEnd
IsValidFileIfFileUrl
PrepareUpdate
PszAllocW

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13f939d4b56fab1877fe2c466fc287b4

Headers

DLL Characteristics

File Characteristics

Imports

shell32

advapi32

gdi32

user32

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 55KB - Virtual size: 54KB

.rdata Size: 96KB - Virtual size: 95KB

.data Size: 19KB - Virtual size: 19KB

.rsrc Size: 512B - Virtual size: 508B

.text
Size: 55KB - Virtual size: 54KB

.rdata
Size: 96KB - Virtual size: 95KB

.data
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 512B - Virtual size: 508B