7f04abc894e90cb420cdb4b4d48948d95e1032f66009fed55973d8e7c8143974

Sharing

Copy URL

Twitter E-mail

General

Target

7f04abc894e90cb420cdb4b4d48948d95e1032f66009fed55973d8e7c8143974
Size

210KB
MD5

164dd5e47e5b7dc484683730cde88f90
SHA1

38ece4510843d677659fcca433b289e996a29d9d
SHA256

7f04abc894e90cb420cdb4b4d48948d95e1032f66009fed55973d8e7c8143974
SHA512

593a4ac33b7c9d5d41d6ae67c90382efab21356db948c2dd34ac94eda394bdbb8ddfb32f6742d0b8c6ea602a3c90ec5df378af1cdb1f27f383685b1cee455a9b
SSDEEP

6144:2qNUjdprNaT+/ejl4M26lP1k9pFQJKLNd:2qNUZ3akpM20dk9vLNd

Score

N/A

Malware Config

Signatures

Files

7f04abc894e90cb420cdb4b4d48948d95e1032f66009fed55973d8e7c8143974
.exe windows x86

052c067c953b69a5e9a44bcf90cb809f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DuplicateIcon
ShellAboutA
ShellExecuteW
DragQueryFileW
DragQueryFileA
ExtractIconExA

ole32

OleSaveToStream
OleSetMenuDescriptor
CoGetStandardMarshal
CoGetObject
CoGetTreatAsClass

advapi32

UnlockServiceDatabase
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
OpenEventLogA
QueryServiceLockStatusW
LookupPrivilegeValueW
GetServiceKeyNameW
ControlService
OpenEventLogW
EnumDependentServicesW

kernel32

LoadLibraryW
HeapSize
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
CloseHandle
WriteConsoleW
SetStdHandle
CreateFileW
GetProcAddress
HeapLock
GetConsoleCursorInfo
GetDefaultCommConfigA
lstrcmpiA
FindFirstChangeNotificationA
MultiByteToWideChar
InterlockedDecrement
GetCPInfo
GetLastError
WideCharToMultiByte
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
InterlockedIncrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
HeapFree
LCMapStringW
GetStringTypeW
Sleep
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapReAlloc
RtlUnwind

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

052c067c953b69a5e9a44bcf90cb809f

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ole32

advapi32

kernel32

Sections

.text Size: 29KB - Virtual size: 29KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 21KB

.rsrc Size: 163KB - Virtual size: 162KB

.text
Size: 29KB - Virtual size: 29KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 21KB

.rsrc
Size: 163KB - Virtual size: 162KB