878a454ef96805b6ff7b710a726f6e6d59b3fdd5a933dbdcabbdc98d6047df48

Sharing

Copy URL Twitter E-mail

General

Target

878a454ef96805b6ff7b710a726f6e6d59b3fdd5a933dbdcabbdc98d6047df48
Size

136KB
MD5

cefdd241f0d8eef75247d29563e7254b
SHA1

a604898d1c645fd1c625256340cc342dab7422a6
SHA256

878a454ef96805b6ff7b710a726f6e6d59b3fdd5a933dbdcabbdc98d6047df48
SHA512

1471f29cac90375a0a542e31d553c2f3b182869243769c973b1acb788cdc1cfbfac8a0f05c0930bbdcdbd9d2f9659e210784e33e6b76ee73f726492692224a0e
SSDEEP

3072:H5YyVH/rKHWUgLy9xgjfQ8aRnOYmJSv+CxfmRyWcN:ZtH/rC59Sj7aRnOD0+pRyBN

Score

N/A

Malware Config

Signatures

Files

878a454ef96805b6ff7b710a726f6e6d59b3fdd5a933dbdcabbdc98d6047df48
.exe windows x86

a8d0d1bea6901ad20e747ece3d2471ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalReAlloc
MoveFileW
lstrcmpA
GlobalHandle
FormatMessageA
TerminateThread
EnterCriticalSection
LockFile
CreateMutexA
GetCommandLineA
GetCurrentThreadId
GetOEMCP
GetSystemTimeAsFileTime
lstrlenW
GetDriveTypeW
DeleteFileA
lstrcmpiW
VirtualAlloc
GetStringTypeW
CreateDirectoryW
VirtualFree
IsBadReadPtr
IsValidLocale
HeapAlloc
QueryPerformanceCounter
DuplicateHandle
LoadLibraryA
SearchPathW
GetTickCount
SetLastError
GetCommandLineW
HeapReAlloc
GetConsoleCP
GetACP
CreateDirectoryA
LeaveCriticalSection
LCMapStringA
FreeResource
DebugBreak
FlushFileBuffers
DeleteCriticalSection
GetConsoleOutputCP
GetLocaleInfoW
FreeEnvironmentStringsW
GetCurrentProcessId

msvcrt

__getmainargs
wcstol
_controlfp
exit
??_V@YAXPAX@Z
_amsg_exit
__set_app_type
__p__fmode
??3@YAXPAX@Z
_wcsnicmp
wcsstr
??1type_info@@UAE@XZ
fprintf
??_U@YAPAXI@Z
__p__commode

user32

ScreenToClient
ReleaseDC
OpenClipboard
DrawTextW
EnableMenuItem
UpdateWindow
GetPropW
SetDlgItemTextW
GetAsyncKeyState
ShowWindow
RegisterWindowMessageW
GetTopWindow
GetDC
SetWindowRgn
GetSysColor
LoadBitmapW
IsChild
DrawEdge
GetClassNameW
GetMessagePos
UnhookWindowsHookEx
UnionRect
PeekMessageW
GetDlgItem

advapi32

OpenSCManagerW
RegOpenKeyA
CloseServiceHandle
RegQueryValueExA
GetLengthSid
RegQueryValueExW
RegEnumKeyExW
RegDeleteKeyW

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8d0d1bea6901ad20e747ece3d2471ee

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

Sections

.text Size: 55KB - Virtual size: 55KB

.rdata Size: 31KB - Virtual size: 31KB

.data Size: 61KB - Virtual size: 234KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 55KB - Virtual size: 55KB

.rdata
Size: 31KB - Virtual size: 31KB

.data
Size: 61KB - Virtual size: 234KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB