01f153c2d1740166e6dc1a7a506fec8580904e4ca73c197fb954fafed1a08fc1

Sharing

Copy URL Twitter E-mail

General

Target

01f153c2d1740166e6dc1a7a506fec8580904e4ca73c197fb954fafed1a08fc1
Size

228KB
MD5

6985e9a7c42d5d462c8cf5250ed465f2
SHA1

fc0c21201bc1a51c9fb9336e035ac7fa4e74d3fe
SHA256

01f153c2d1740166e6dc1a7a506fec8580904e4ca73c197fb954fafed1a08fc1
SHA512

10947a940ebe8706799c22ecf54363ff127bc04d97d85a70b0c9ea125cabaa62da2e2fff979d13d24b041dd9cb12632dec3bf5d9c7e9c0c98c74f1fb9353d4ea
SSDEEP

3072:QB7oOPa/VD/hbTKWXi++vdcdQn7Z9XDhPTroJx9OjmvWOv4l:IzgVD/ha0C3TJTCWOv4

Score

N/A

Malware Config

Signatures

Files

01f153c2d1740166e6dc1a7a506fec8580904e4ca73c197fb954fafed1a08fc1
.exe windows x86

111589b1929589afee7ef3327e6d90dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA
Shell_NotifyIconA
FindExecutableA
DuplicateIcon
DragFinish
ExtractAssociatedIconW
ExtractIconA

ole32

MonikerCommonPrefixWith
CreateOleAdviseHolder
ReleaseStgMedium
OleCreateFromDataEx
CoAddRefServerProcess

advapi32

ImpersonateSelf
InitiateSystemShutdownA
RegLoadKeyW
ChangeServiceConfigA
OpenBackupEventLogA
AccessCheckAndAuditAlarmW
DuplicateToken
CreateServiceA
OpenSCManagerW
GetCurrentHwProfileW

kernel32

LoadLibraryW
HeapReAlloc
GetConsoleCP
FlushFileBuffers
SetFilePointer
HeapSize
SetStdHandle
FormatMessageA
EnumSystemCodePagesW
SetCurrentDirectoryW
FindResourceExW
CallNamedPipeW
MoveFileA
OpenFileMappingA
CancelDeviceWakeupRequest
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
GetLastError
GetDiskFreeSpaceA
GetLogicalDrives
GetCommandLineA
HeapSetInformation
GetStartupInfoW
WriteConsoleW
MultiByteToWideChar
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetProcAddress
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WideCharToMultiByte
LCMapStringW
HeapFree
CreateFileW
CloseHandle
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeW
Sleep
RtlUnwind

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 163KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

111589b1929589afee7ef3327e6d90dd

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ole32

advapi32

kernel32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 21KB

.rsrc Size: 163KB - Virtual size: 164KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 21KB

.rsrc
Size: 163KB - Virtual size: 164KB