88687ea05158918102a9465d0ab4a0536f62ec764a193315105442aa885657de

Sharing

Copy URL Twitter E-mail

General

Target

88687ea05158918102a9465d0ab4a0536f62ec764a193315105442aa885657de
Size

54KB
MD5

a40dc3d6f7dfff9c2c8fc18cc1e9b731
SHA1

25f4120ca2eef2040f7fb5d47f52a392a3eeb337
SHA256

88687ea05158918102a9465d0ab4a0536f62ec764a193315105442aa885657de
SHA512

8693ae20de727032afad8977ed308ea8b4821b6adcf590ec748686a85c75739f7c1fa7c701cceda643863e3c2da89d654a8b5f13a5d444529eb48c2121555509
SSDEEP

768:0VFFbl8Til50eFOImswy+W512FM0NaRRoPDbkGR7/IPEJsKJlSz6Ptxthfj6Qm:eby450eFkyP8Houbn7wPEJsKVnm

Score

N/A

Malware Config

Signatures

Files

88687ea05158918102a9465d0ab4a0536f62ec764a193315105442aa885657de
.exe windows x86

40dddc79721fe6f8c6daa5adba1e1382

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
GetCommandLineA
GlobalHandle
GetVersion
CopyFileA
GetDriveTypeA
GetEnvironmentStrings
VirtualProtect
GetACP
GlobalLock
LoadResource
SetLastError
GetModuleHandleW
GetThreadLocale
lstrcmpiA
OutputDebugStringA
GlobalUnlock
GetTempPathA
GetModuleHandleA
ExitProcess
Sleep
IsDebuggerPresent
RtlUnwind
CompareFileTime
CompareStringA
CreateProcessW
GetExitCodeProcess
FreeEnvironmentStringsW
LCMapStringA
GetConsoleMode
GetCurrentThreadId
GetVersionExW
IsDBCSLeadByte
DeleteFileA
GetCurrentProcessId
GetModuleFileNameW
lstrcpynA
GetFullPathNameA
lstrlenA
lstrcmpA
GetFileAttributesW
VirtualFree
GetStringTypeExA
GetCurrentProcess
GetSystemDirectoryA
DuplicateHandle

msvcrt

_exit
_initterm
__setusermatherr
_XcptFilter
__p___initenv
__getmainargs
_adjust_fdiv
_except_handler3
_controlfp
__p__fmode
__set_app_type
__p__commode

user32

InsertMenuItemA
IsDialogMessageA
DefWindowProcA
SetScrollPos
LoadIconA
AdjustWindowRectEx
SystemParametersInfoA
GetLastActivePopup
InsertMenuA
PtInRect
IsWindowVisible
PeekMessageA
SetCapture
IsIconic
GetIconInfo
DrawFrameControl
BeginPaint
GetDC
GetDlgItem
SetWindowTextA
GetKeyState
ShowCursor
CreateMenu
DispatchMessageA
RegisterWindowMessageA
ReleaseDC
IntersectRect
IsWindow
DrawEdge
GetFocus
SetWindowsHookExA
DrawIcon
IsWindowEnabled
SetScrollInfo
GetMessagePos
GetSysColorBrush
wsprintfA
GetWindowPlacement
CreatePopupMenu

advapi32

GetTokenInformation
CryptGenRandom
AddAccessAllowedAce
CryptAcquireContextA
RegDeleteValueA
AllocateAndInitializeSid
RegOpenKeyW
GetSecurityDescriptorDacl
RegOpenKeyExA
GetLengthSid
CheckTokenMembership
CryptDestroyHash
RegQueryInfoKeyA
RegOpenKeyExW
RegEnumKeyA
FreeSid
RegDeleteKeyW
DeleteService
AdjustTokenPrivileges
InitializeSecurityDescriptor
OpenServiceA
OpenSCManagerA
RegDeleteKeyA
RegEnumKeyExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyA
RegEnumValueW
RevertToSelf
LookupPrivilegeValueA
CryptReleaseContext
GetUserNameA
QueryServiceStatus

Sections

.text
Size: 1024B - Virtual size: 796B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40dddc79721fe6f8c6daa5adba1e1382

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

Sections

.text Size: 1024B - Virtual size: 796B

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 7KB - Virtual size: 6KB

.rsrc Size: 31KB - Virtual size: 31KB

.text
Size: 1024B - Virtual size: 796B

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 31KB - Virtual size: 31KB