187b20f915b574af733a6eb200b5559f9c846d5feaefd03fb45ae493834d8f96

General

Target

187b20f915b574af733a6eb200b5559f9c846d5feaefd03fb45ae493834d8f96
Size

331KB
MD5

365deb4ccd264486d03faee9c8a7fcaf
SHA1

14fe5664223b67707a21861753a54f454f4a0ef5
SHA256

187b20f915b574af733a6eb200b5559f9c846d5feaefd03fb45ae493834d8f96
SHA512

e3c7bd4cd845715cf6bdf9639501bfd21606a8d0e889a5accb9721bfdb729edfddc8fad013f13c194beda41ad3ebc7264fd54b0af96e2a8ee137b2f950973dff
SSDEEP

6144:CZ2lqnj0iUj9WBUNp5ISbIFHIfUN1ruyq6G/AhiRiaTRC+evmyBWSraJjSOF6u:PMw8ScD+L/AsoMI+Tk2JJ6u

Score

N/A

Malware Config

Signatures

Files

187b20f915b574af733a6eb200b5559f9c846d5feaefd03fb45ae493834d8f96
.exe windows x86

cb4bc6601a5efc8c6c5408db7be631d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegLoadKeyA
RegQueryValueExA
RegOpenKeyExA
ReportEventW
RegCreateKeyA
RegReplaceKeyA
RegDeleteValueA
RegQueryMultipleValuesA
RegNotifyChangeKeyValue
RegSaveKeyA
OpenProcessToken

shlwapi

SHRegWriteUSValueW
PathIsSameRootW
StrTrimW
PathCompactPathExW
PathStripPathW
StrDupW
PathUnmakeSystemFolderA
StrChrIW
PathMakePrettyA
StrCSpnIA
SHRegCreateUSKeyA
PathRemoveBlanksW

kernel32

GetModuleHandleA
SetEvent
SuspendThread
VirtualAllocEx
CreateSemaphoreA
ReleaseMutex
OpenSemaphoreA
ResumeThread
ResetEvent
ReleaseSemaphore
GetProcAddress
GetPrivateProfileSectionA
VerLanguageNameA
GlobalSize
GetStringTypeA
GetThreadLocale
CreateMutexA
VirtualQueryEx
WaitForMultipleObjects
IsValidCodePage
GetProcessHeap
HeapLock
HeapDestroy
LeaveCriticalSection
VirtualFreeEx
LocalSize
GetOverlappedResult
GetProfileStringA
GetStartupInfoA

version

VerInstallFileA
GetFileVersionInfoSizeA
VerFindFileA
VerQueryValueA
GetFileVersionInfoA

netapi32

NetGroupGetInfo

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
perror
__mb_cur_max
_isctype
iswctype
_pctype

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 311KB - Virtual size: 415KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb4bc6601a5efc8c6c5408db7be631d6

Headers

File Characteristics

Imports

advapi32

shlwapi

kernel32

version

netapi32

msvcrt

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 311KB - Virtual size: 415KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 311KB - Virtual size: 415KB

.rsrc
Size: 6KB - Virtual size: 5KB