ef758fd0a2b10b4800c482c3ca1cd65d427f2ee025ecf1eb7a89ba7468c15017

Sharing

Copy URL Twitter E-mail

General

Target

ef758fd0a2b10b4800c482c3ca1cd65d427f2ee025ecf1eb7a89ba7468c15017
Size

107KB
MD5

ce47c5a1dd548d168322d5523bf526fb
SHA1

55aa7adfdd078a78dc7e5e80c4479ff34c0ac9aa
SHA256

ef758fd0a2b10b4800c482c3ca1cd65d427f2ee025ecf1eb7a89ba7468c15017
SHA512

2561f164aa8508ea0d5428265cabe943218df8321ad605ddd2e74b9ecf766c558378d5fe34871df7e580bad3e60f1adb8128771ada832b829db6f2f1a42c4236
SSDEEP

1536:b/PKYcaQkrhfUVTobIckDuKnkNEbDdgYOpiMzJK9p8Xzx4Ecbu5VUWzBiDZifAb:b/PPVrhfUVTe0r9/dgYSHJwu94eh9gB

Score

N/A

Malware Config

Signatures

Files

ef758fd0a2b10b4800c482c3ca1cd65d427f2ee025ecf1eb7a89ba7468c15017
.exe windows x86

39c259172ee29a9bc1f63e51de74450e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetTempPathW
SetThreadLocale
GetUserDefaultLangID
SetFilePointer
EnumCalendarInfoA
GetCurrentProcess
GetModuleHandleA
GetStringTypeW
GetFullPathNameA
IsDebuggerPresent
CreateProcessA
GetModuleFileNameA
GetDateFormatA
GetTempPathA
GlobalAlloc
SetCurrentDirectoryA
LocalFileTimeToFileTime
DeleteFileA
GetVersion
FreeEnvironmentStringsA
SetEnvironmentVariableA
GlobalFree
GetUserDefaultLCID
lstrlenW
Sleep
GetSystemTime
lstrcpynA
GetShortPathNameA
lstrlenA
GetModuleHandleW
InterlockedIncrement
LoadResource
VirtualProtect
GetExitCodeProcess
GetCommandLineW
lstrcatA
lstrcmpiA
RtlUnwind
WaitForMultipleObjects
IsBadWritePtr
GetTempFileNameA
GetThreadLocale
GetACP
GetFileAttributesW
GetLocaleInfoW
GlobalHandle

msvcrt

__p___initenv
_adjust_fdiv
_XcptFilter
_controlfp
_initterm
__getmainargs
__p__fmode
__p__commode
__set_app_type
__setusermatherr
_exit
_except_handler3

advapi32

CryptDestroyHash
RegDeleteValueA
RegOpenKeyExA
OpenSCManagerW
CryptReleaseContext
RegOpenKeyA
InitializeSecurityDescriptor
SetSecurityDescriptorOwner
RegSetValueExA
InitializeAcl
LookupPrivilegeValueA
RegEnumKeyExA
CloseServiceHandle
IsValidSid
RegCreateKeyExW
LookupPrivilegeValueW
RegFlushKey
AllocateAndInitializeSid
RegCreateKeyExA
RegEnumValueW
DeregisterEventSource
CryptAcquireContextA
GetSecurityDescriptorDacl
RegQueryInfoKeyW
RegDeleteKeyW
RevertToSelf
EqualSid
RegEnumKeyA
RegCreateKeyA
RegDeleteKeyA
ControlService
RegQueryValueA
GetUserNameA
CryptGenRandom
RegEnumValueA
FreeSid

user32

PtInRect
GetScrollPos
LoadIconA
GetDC
DefWindowProcA
GetWindowLongA
LoadBitmapA
AdjustWindowRectEx
GetDlgItem
GetMenu
CallNextHookEx
GetMessagePos
GetSysColor
RegisterClassA
IsZoomed
EnableWindow
SetWindowLongA
SetForegroundWindow
IsWindow
CloseClipboard
GetFocus
WinHelpA
EnumWindows
PostMessageA
wsprintfA
FindWindowA
RemoveMenu
SendMessageA
IntersectRect
EmptyClipboard
CallWindowProcA
WaitMessage
GetSystemMenu
SetTimer
GetTopWindow
GetWindowTextA
TrackPopupMenu
InflateRect
DrawIconEx
MessageBeep
InsertMenuA

Sections

.text
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39c259172ee29a9bc1f63e51de74450e

Headers

File Characteristics

Imports

kernel32

msvcrt

advapi32

user32

Sections

.text Size: 1024B - Virtual size: 828B

.rdata Size: 52KB - Virtual size: 52KB

.data Size: 19KB - Virtual size: 19KB

.rsrc Size: 33KB - Virtual size: 32KB

.text
Size: 1024B - Virtual size: 828B

.rdata
Size: 52KB - Virtual size: 52KB

.data
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 33KB - Virtual size: 32KB