5aa1c31547b105f7925f87e7606ab1e2da74df4e25d8aad79b5a8189bf869b86

Sharing

Copy URL Twitter E-mail

General

Target

5aa1c31547b105f7925f87e7606ab1e2da74df4e25d8aad79b5a8189bf869b86
Size

291KB
MD5

ecc55add9eb30a6445bedf358c73ff15
SHA1

a6186c04c42b7400014dcf52c820d3b038035b8c
SHA256

5aa1c31547b105f7925f87e7606ab1e2da74df4e25d8aad79b5a8189bf869b86
SHA512

383b1328b29a178c124e78eaeb366eaafb317513152465127b014b4d5710cb4d7e82bf6de07764fc204f158e0c564afa15007597906ae1ffc7cc402010f6dbfa
SSDEEP

6144:Kp+hNyCSkA3O3iztQWTEnvjpIjv6E1vhfAJc+w:KkiFzeSa1pI51yw

Score

N/A

Malware Config

Signatures

Files

5aa1c31547b105f7925f87e7606ab1e2da74df4e25d8aad79b5a8189bf869b86
.exe windows x86

874178ba425349f87374fe54ec28a9bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetParent
GetSysColor
GetNextDlgGroupItem
EnumWindows
IsZoomed
EndDialog
CreateWindowExA
GetWindowRect
LoadCursorA
MapDialogRect
GetDesktopWindow

advapi32

SetTokenInformation
RegConnectRegistryA
DeregisterEventSource
RegNotifyChangeKeyValue
RegSetValueExA
RegCreateKeyExA
OpenEventLogA

kernel32

LocalSize
HeapReAlloc
DeleteCriticalSection
VirtualProtectEx
LocalLock
OpenEventA
GetCurrencyFormatA
HeapSize
GetStringTypeA
LocalHandle
GetPrivateProfileStructA
WriteProfileSectionA
GetPrivateProfileSectionNamesA
GetModuleHandleA
GetProcAddress
ResumeThread
GetStartupInfoA
ResetEvent
TlsGetValue
FreeEnvironmentStringsA
GetProcessHeap
CreateSemaphoreA
VirtualAllocEx
CloseHandle
LCMapStringA
GetProfileStringA
GetThreadLocale
GetModuleFileNameA

activeds

ord6
ord15
ord3
ord8
ord19
ord7
ord5
ord14
ord4
ord16
ord13
ord23
ord22

winscard

SCardListReadersA

wtsapi32

WTSOpenServerW
WTSQueryUserConfigW
WTSSetUserConfigW
WTSEnumerateProcessesW
WTSVirtualChannelWrite
WTSDisconnectSession
WTSVirtualChannelClose
WTSTerminateProcess
WTSEnumerateProcessesA
WTSSendMessageA
WTSWaitSystemEvent
WTSQueryUserConfigA
WTSEnumerateServersA

msvcrt

__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_acmdln
exit
_XcptFilter
_exit

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

874178ba425349f87374fe54ec28a9bf

Headers

File Characteristics

Imports

user32

advapi32

kernel32

activeds

winscard

wtsapi32

msvcrt

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 268KB - Virtual size: 267KB

.data Size: 512B - Virtual size: 320KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 268KB - Virtual size: 267KB

.data
Size: 512B - Virtual size: 320KB

.rsrc
Size: 17KB - Virtual size: 16KB