2270783ccc0938e177c979028d6d8d1c3446542ba232229670b04ab90eb51803

Sharing

Copy URL Twitter E-mail

General

Target

2270783ccc0938e177c979028d6d8d1c3446542ba232229670b04ab90eb51803
Size

4.7MB
MD5

5f0fd0ef6d909b264c1b92b150a68658
SHA1

2e0159e41584832b125dd4e005cf21b170d6b780
SHA256

2270783ccc0938e177c979028d6d8d1c3446542ba232229670b04ab90eb51803
SHA512

d442a968ab9b2fe30c39689cda3ace02c3a5cdf23d94a8d512e4796273b04a69f394672795e988173ef06c76aa76da3fe886b2a17223ae5a8880165e61bfdf4e
SSDEEP

98304:2bO3EKE8CoG3nPTWEUJ8d91xgwGPphAms1+PVYuhAN8:2bO3EZ82Pl6QERhFWTqT

Score

N/A

Malware Config

Signatures

Files

2270783ccc0938e177c979028d6d8d1c3446542ba232229670b04ab90eb51803
.exe windows x86

6e304fd1c659a1073311da7ab50f5449

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
SetLastError
LoadResource
GetSystemInfo
GetStringTypeA
FormatMessageW
OutputDebugStringA
GetLocalTime
FreeEnvironmentStringsW
GetFileAttributesW
Sleep
CompareStringW
LeaveCriticalSection
GlobalAlloc
DisableThreadLibraryCalls
TerminateProcess
IsDebuggerPresent
GetLocaleInfoA
InitializeCriticalSection
GetStartupInfoA
LoadLibraryW
GetVersionExW
GetCurrentThread
GetEnvironmentStringsW
GetModuleHandleA
HeapSize
UnmapViewOfFile
CreateFileA
SetEvent
HeapCreate
ExitProcess
LCMapStringW
VirtualFree

user32

EqualRect
DefWindowProcA
SetCursor
LoadStringA
PostMessageW
GetWindowLongA
IsIconic
GetKeyState
wsprintfA
LoadImageW
FillRect
CharNextA
BeginPaint
SendDlgItemMessageW
IsWindowVisible
CheckMenuItem
ScreenToClient
CallWindowProcW

gdi32

DeleteObject
EndDoc
MoveToEx
CreateCompatibleBitmap
CombineRgn
StretchBlt
Escape
GetClipBox
CreateFontIndirectA
GetTextAlign
GetCharWidthA

advapi32

GetSecurityDescriptorDacl
GetSecurityDescriptorLength
RegQueryInfoKeyA
RegSetValueExA
QueryServiceStatus
ImpersonateLoggedOnUser
CryptCreateHash
IsValidSid
RegQueryValueExW
RegCreateKeyA
CryptGenKey
CryptAcquireContextA
DuplicateTokenEx
RegQueryInfoKeyW

msvcrt

_XcptFilter
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_exit

crypt32

CertFreeCRLContext

Sections

a54
Size: 4.4MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

a55
Size: 151KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

a56
Size: 111KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

a57
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e304fd1c659a1073311da7ab50f5449

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

crypt32

Sections

a54 Size: 4.4MB - Virtual size: 4.9MB

a55 Size: 151KB - Virtual size: 290KB

a56 Size: 111KB - Virtual size: 183KB

a57 Size: 2KB - Virtual size: 3KB

.rsrc Size: 42KB - Virtual size: 41KB

a54
Size: 4.4MB - Virtual size: 4.9MB

a55
Size: 151KB - Virtual size: 290KB

a56
Size: 111KB - Virtual size: 183KB

a57
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 42KB - Virtual size: 41KB