d1da1de1a087fc8f5d25478f07f938a4f822f20c82dfbccc383fa114a5690e3e

Sharing

Copy URL Twitter E-mail

General

Target

d1da1de1a087fc8f5d25478f07f938a4f822f20c82dfbccc383fa114a5690e3e
Size

728KB
MD5

5f46d8b4fee91f56d860dc7967503d3f
SHA1

139a781809c1221cbb8e27c88a2d5792bb4401df
SHA256

d1da1de1a087fc8f5d25478f07f938a4f822f20c82dfbccc383fa114a5690e3e
SHA512

6b5c371d09c51332af7d8e49045e622c97b20ee7d251a2a797495cfb3828babe2d0cc33509adbd2bfe92fb194057067a3396383a63df65599a11c5f0a9ee1d2c
SSDEEP

12288:cV/45PCfAUPI8ysSSw7WBC12eAJ9RMnpBfI7wa8KkosO:64gfAOI8ysa7J12J7MnXza8N

Score

N/A

Malware Config

Signatures

Files

d1da1de1a087fc8f5d25478f07f938a4f822f20c82dfbccc383fa114a5690e3e
.exe windows x86

6db1ce28f0135da2af4dcbb0d2852048

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExW
RegEnumKeyExA
RegQueryInfoKeyW
GetSecurityDescriptorControl
RegDeleteValueW
RegQueryInfoKeyA
RegCreateKeyW
RegCreateKeyExW

version

VerQueryValueA
GetFileVersionInfoW
VerQueryValueW

comctl32

DestroyPropertySheetPage
ord17
ImageList_Destroy
PropertySheetA
PropertySheetW
CreatePropertySheetPageW
CreateToolbarEx
CreatePropertySheetPageA
ImageList_AddMasked
ImageList_ReplaceIcon

kernel32

SetStdHandle
CloseHandle
LCMapStringW
GetStringTypeW
VirtualAlloc
SystemTimeToFileTime
GetModuleFileNameA
ExitProcess
GetThreadTimes
InitializeCriticalSection
CreateProcessA
GetACP
RaiseException
GetVersionExW
LCMapStringA
DeleteCriticalSection
UnmapViewOfFile
GetTempPathW
InterlockedDecrement
LeaveCriticalSection
lstrcmpiW
lstrcpyA
ExpandEnvironmentStringsA
CreateMutexW
GetTempPathA
HeapDestroy
GetVersionExA
lstrlenA
CreateProcessW
InterlockedIncrement
LocalFree
GetConsoleCP
lstrcpyW
lstrcatA
lstrcmpiA
SizeofResource
GetFileType
GetLocaleInfoA
GlobalLock
QueryPerformanceCounter
HeapSize
lstrcpynW
GetStartupInfoA
CopyFileW
GetTimeFormatA
GetCurrentProcessId
GetSystemTime
ReadFile
MapViewOfFile
GetFileSize
Sleep
GetVersion
IsValidLocale
SetPriorityClass
IsBadStringPtrW
GetModuleFileNameW
SetEndOfFile
GetFileTime
ResetEvent
FindResourceExW
ReleaseMutex
GetModuleHandleW
CreateDirectoryA
lstrlenW
CreateThread
GetCPInfo
CreateFileMappingA
GlobalReAlloc
CreateEventW
HeapReAlloc
GlobalAlloc
GetStringTypeA
CreateFileA
LoadLibraryExW
HeapAlloc
GetModuleHandleA
GetCommandLineA
HeapCreate
VirtualFree
HeapFree
IsBadWritePtr
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
RtlUnwind
WriteFile
GetOEMCP
GetProcAddress
LoadLibraryA
GetLastError
FlushFileBuffers
SetFilePointer
MultiByteToWideChar

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 624KB - Virtual size: 627KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6db1ce28f0135da2af4dcbb0d2852048

Headers

File Characteristics

Imports

advapi32

version

comctl32

kernel32

Sections

.text Size: 92KB - Virtual size: 88KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 624KB - Virtual size: 627KB

.text
Size: 92KB - Virtual size: 88KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 624KB - Virtual size: 627KB