a5b5f7874a3d74aaf87463f1f990ea3b271d487073c10bda01ec0b5fe6446823

Sharing

Copy URL Twitter E-mail

General

Target

a5b5f7874a3d74aaf87463f1f990ea3b271d487073c10bda01ec0b5fe6446823
Size

144KB
MD5

ce2ebdd1d34ff470f33030afcd8861b6
SHA1

5ac74c3c4bf4f855bff3eaeaf7dc93645636d3fb
SHA256

a5b5f7874a3d74aaf87463f1f990ea3b271d487073c10bda01ec0b5fe6446823
SHA512

b8e30355005831e4b2d3592adf0d58862ed9d032a811dfba3bf383b26fbc605cc165452ddc02bf50d6900e0c1432ee10797fa88f7fad766ca658980e1224d52f
SSDEEP

3072:Z/OlSyrtv0O6tKhWukNUl/dzZDFs5Iax3+FFvySaT+y:Z8SyJ0/CWukNUl/N5CIadQpySaT+y

Score

N/A

Malware Config

Signatures

Files

a5b5f7874a3d74aaf87463f1f990ea3b271d487073c10bda01ec0b5fe6446823
.exe windows x86

7b65894bb30b6a785333db1326e14cdc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetStringTypeA
GetCommandLineA
LCMapStringA
GetOEMCP
Sleep
SetFilePointer
ReadFile
lstrcmpA
SetLastError
lstrcpyA
GetLocalTime
LoadResource
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
lstrlenA
CloseHandle
MoveFileA
FreeLibrary
SetFileAttributesA
DeleteFileA
GetSystemDirectoryA
MultiByteToWideChar
ExitProcess
lstrcatA
GetLastError
GetProcessHeap
HeapAlloc
GetModuleHandleA
HeapFree
LoadLibraryA
GetProcAddress
LCMapStringW
RtlUnwind
HeapReAlloc
RaiseException
GetStartupInfoA
GetVersion
VirtualFree
VirtualAlloc
IsBadWritePtr
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
WriteFile
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetStringTypeW

user32

PostThreadMessageA
GetMessageA
wsprintfA
GetInputState

advapi32

RegCloseKey
OpenServiceA
StartServiceA
GetUserNameA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
LookupAccountNameA
GetFileSecurityA
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
GetAclInformation
GetLengthSid
InitializeAcl
AddAce
GetAce
EqualSid
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetFileSecurityA

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b65894bb30b6a785333db1326e14cdc

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 96KB - Virtual size: 94KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 96KB - Virtual size: 94KB