90a7602b564b6883258f281d1118877e10cbcdc5d05345ac94935b42586b9685

Sharing

Copy URL Twitter E-mail

General

Target

90a7602b564b6883258f281d1118877e10cbcdc5d05345ac94935b42586b9685
Size

9.7MB
MD5

c9f864ac018bd67348ac8e1ee790a133
SHA1

26f5970644b0587115d7bbbd722d97bb2f3ab562
SHA256

90a7602b564b6883258f281d1118877e10cbcdc5d05345ac94935b42586b9685
SHA512

1562cba37678f393a0c89f3dc5144307e2853d6596340e2d53ba306115afab4987a916d09804b3f7fc6f5bc00aa53b0c41c9c46616e2e982eecf4de2e38f3fbe
SSDEEP

196608:KwKmggxnHPiDcI22vcGvIM4vajqAgpsja3mwDpxbW5ya29G9qWI+:CixnHPiw4cGwajqhpsm3NDhqp

Score

N/A

Malware Config

Signatures

Files

90a7602b564b6883258f281d1118877e10cbcdc5d05345ac94935b42586b9685
.exe windows x86

6b4c61d0923c1aecbfcddabeea5db9e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
FreeLibrary
VirtualFree
LocalAlloc
GetModuleFileNameA
GetFileType
GetCurrentThreadId
GetCurrentProcess
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
GetLocaleInfoA
GetStdHandle
LoadLibraryExW
GetStringTypeA
UnhandledExceptionFilter
TerminateProcess
InterlockedIncrement
GetProcessHeap
CreateThread
CloseHandle
GetACP
LeaveCriticalSection
AddAtomW
GetCurrentProcessId
CreateEventA
GetCommandLineW
CreateEventW
HeapCreate
ExitProcess
VirtualQueryEx
_lopen
GetTickCount
GetSystemTimeAsFileTime

user32

SetFocus
SystemParametersInfoW
GetDC
IsIconic
LoadIconW
UnregisterClassA
IsWindowVisible
SetForegroundWindow
GetSystemMetrics
MapWindowPoints
UpdateWindow
CopyRect
KillTimer
PostMessageW
DialogBoxParamW
RegisterWindowMessageW
GetDlgCtrlID
CreateWindowExA
EqualRect
DrawFocusRect
DestroyMenu

gdi32

GetTextColor
Escape
CreateMetaFileA
CreatePalette
GetCurrentPositionEx
SetWindowExtEx
GetCurrentObject
SetMapMode
GetWindowExtEx

advapi32

AllocateAndInitializeSid
CopySid
RegSetValueExA
ImpersonateLoggedOnUser
QueryServiceConfigW
GetUserNameA
LookupPrivilegeValueW
CheckTokenMembership
CryptExportKey
RegDeleteValueA
StartServiceW

msvcrt

_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_except_handler3
_controlfp
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
__setusermatherr

Sections

.text
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 142KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b4c61d0923c1aecbfcddabeea5db9e6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

.text Size: 4.1MB - Virtual size: 4.1MB

.rdata Size: 142KB - Virtual size: 156KB

.xdata Size: 512B - Virtual size: 100B

.tls Size: 1024B - Virtual size: 3KB

.rsrc Size: 93KB - Virtual size: 92KB

.text
Size: 4.1MB - Virtual size: 4.1MB

.rdata
Size: 142KB - Virtual size: 156KB

.xdata
Size: 512B - Virtual size: 100B

.tls
Size: 1024B - Virtual size: 3KB

.rsrc
Size: 93KB - Virtual size: 92KB