961e878531961a6971f857c919d4bf0471caedf154b1e3ea8be6e99957e169f0

Sharing

Copy URL

Twitter E-mail

General

Target

961e878531961a6971f857c919d4bf0471caedf154b1e3ea8be6e99957e169f0
Size

286KB
MD5

dbc7df7999dc5f489a100681857eb6f0
SHA1

848b077e4d3231b8f2118a7b742ae3e55de1b8f0
SHA256

961e878531961a6971f857c919d4bf0471caedf154b1e3ea8be6e99957e169f0
SHA512

b9731d85a8eb4c7e0a3d4fc67ca42c9bafd5f9be441279a10d96ab4ba79aa284cd9817707e5fe8c9129d72e4e7b528cb549a9e14146d56818968dab01bebec89
SSDEEP

6144:VPIwlf7pAZ86QseIyaaf/6Chk81D6s5ZPsHlqmLlDEmPUtKH6P2ifXXhzv:dBlmHQXva+PksD6s5ZPAqQem5H6PHzv

Score

N/A

Malware Config

Signatures

Files

961e878531961a6971f857c919d4bf0471caedf154b1e3ea8be6e99957e169f0
.exe windows x86

377ec93cd2b97b8a056cbca8e479be6c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
GlobalMemoryStatus
GetProcessHeap
SetUnhandledExceptionFilter
HeapAlloc
IsValidLocale
EnterCriticalSection
RaiseException
LocalFree
CompareStringA
GetSystemTime
MoveFileExW
GetFileType
IsDebuggerPresent
GetModuleHandleA
CompareFileTime
SystemTimeToFileTime
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LocalAlloc
FreeLibrary
GetVolumeNameForVolumeMountPointW
SetEndOfFile
SetThreadPriority
MapViewOfFile
GetVolumePathNameW
GetSystemInfo
GetFileInformationByHandle
WaitForSingleObject
ReleaseMutex
UnmapViewOfFile
HeapValidate
GetSystemTimeAsFileTime
FlushFileBuffers
GetWindowsDirectoryA
GetSystemDirectoryA
SetFilePointer
SetLastError
CloseHandle
GetCurrentThreadId
UnhandledExceptionFilter
LeaveCriticalSection
HeapFree
ReadFile
CreateThread
FileTimeToSystemTime
WriteFile
GetFileSize
GetUserDefaultLCID
GetStartupInfoA
VirtualAllocEx
LoadLibraryA
GetLogicalDrives
SetComputerNameW
CreateNamedPipeW
GetTimeFormatA
GetLogicalDriveStringsW
CreateMutexW
ConnectNamedPipe
MoveFileW
OpenWaitableTimerA
SetCalendarInfoW
GetVolumeInformationA
SetComputerNameA
SleepEx
OpenEventW
GetCurrentDirectoryA
AddAtomW
lstrcat
GetExpandedNameW
GetCurrentDirectoryW
CreateMailslotW
GetNumberFormatA
GetWindowsDirectoryW
lstrcmpiA
OpenSemaphoreW
GetExpandedNameA
SetErrorMode
lstrcpyW
GetComputerNameA
GetTempPathW
WaitForMultipleObjects
DuplicateHandle
DosDateTimeToFileTime
lstrcatA
SearchPathW
IsBadCodePtr
CreateEventA
lstrcmpA
GetShortPathNameA
FileTimeToDosDateTime
GlobalAlloc
GlobalDeleteAtom
ReplaceFileW
DeleteAtom
lstrlen
OpenMutexA
SetCurrentDirectoryA
CreateSemaphoreW
CreateSemaphoreA
SetLocaleInfoW
IsBadStringPtrA
BeginUpdateResourceW
DisconnectNamedPipe
GlobalFindAtomA
GetVolumeInformationW
GetAtomNameA
RemoveDirectoryW

user32

TranslateMessage
IsWindow
SetTimer
PostThreadMessageA
KillTimer
GetMessageA
DestroyWindow

advapi32

SetSecurityDescriptorDacl
GetSecurityDescriptorControl
InitializeSecurityDescriptor
IsValidSecurityDescriptor
GetSecurityDescriptorLength
GetFileSecurityW
SetFileSecurityW
RegCloseKey

iernonce

InitCallback

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 255KB - Virtual size: 5.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

377ec93cd2b97b8a056cbca8e479be6c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

iernonce

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 3KB - Virtual size: 170KB

.data Size: 255KB - Virtual size: 5.8MB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 3KB - Virtual size: 170KB

.data
Size: 255KB - Virtual size: 5.8MB

.rsrc
Size: 13KB - Virtual size: 12KB