57100e5b36d30e3f40cd10d4cb1585434548426823f3be006b20696d3d3f2617

Sharing

Copy URL Twitter E-mail

General

Target

57100e5b36d30e3f40cd10d4cb1585434548426823f3be006b20696d3d3f2617
Size

176KB
MD5

374f665a0c4f102da159e6c0ce6980e1
SHA1

79138a748782f90f37d4bf536f2787bf9a760e05
SHA256

57100e5b36d30e3f40cd10d4cb1585434548426823f3be006b20696d3d3f2617
SHA512

ef486e430823b0e07a2a9a9e07f3bdb31aafd2ce5abe5af9191806011da3e1a1a5c0d44f79f9f751830b9d6356a0846e29f08dccf2510e394a8a3fa70bd403d2
SSDEEP

3072:7ibUh9FCKmHWYTNgW3f3UA70iDY+pIbmx:7ibUhHCz2gv/2iYbm

Score

N/A

Malware Config

Signatures

Files

57100e5b36d30e3f40cd10d4cb1585434548426823f3be006b20696d3d3f2617
.exe windows x86

2b4fbb570bfe9ff6badabe206e58f732

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ExtractIconExW
ShellExecuteExW
FindExecutableA
DragQueryFileA
DragQueryFileW
ExtractIconA
Shell_NotifyIconW
ShellExecuteExA

ole32

OleQueryLinkFromData
DoDragDrop
WriteClassStg
CoFileTimeNow

advapi32

LookupAccountNameW
RegSetValueExW
GetSidIdentifierAuthority
DeleteService
GetKernelObjectSecurity
PrivilegedServiceAuditAlarmA
AllocateAndInitializeSid
RegRestoreKeyA

kernel32

FlushFileBuffers
GetConsoleCP
HeapSize
CloseHandle
WriteConsoleW
SetFilePointer
SetStdHandle
CreateFileW
GetConsoleMode
SetUnhandledExceptionFilter
GetProfileIntA
TerminateProcess
GetDiskFreeSpaceExA
AddAtomW
GetFileType
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId
GetLastError
GetProcAddress
UnhandledExceptionFilter
IsDebuggerPresent
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapFree
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapAlloc
HeapReAlloc
RtlUnwind
LoadLibraryW
IsProcessorFeaturePresent

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 114KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b4fbb570bfe9ff6badabe206e58f732

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ole32

advapi32

kernel32

Sections

.text Size: 43KB - Virtual size: 43KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 114KB - Virtual size: 116KB

.text
Size: 43KB - Virtual size: 43KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 114KB - Virtual size: 116KB