c1c838655ab563c0cbc4d7aa1451b14b0e6fa2c6b9f92550eba3c225b4d57d73

General

Target

c1c838655ab563c0cbc4d7aa1451b14b0e6fa2c6b9f92550eba3c225b4d57d73
Size

159KB
MD5

062e425b1653af9f1fded34994a8de10
SHA1

899f2ca60e28faad220052e09a90a295c3026228
SHA256

c1c838655ab563c0cbc4d7aa1451b14b0e6fa2c6b9f92550eba3c225b4d57d73
SHA512

7829f52d552f89ca8c1e005839a3bb2038a1a4a47704a355e60af6b727be552f2fe5bbb2281d055b45423d31d1e294ba325cb9b3148346be99a10ea1853b0aa8
SSDEEP

3072:1hIbBgAYp11YdHxT+O8mR47E86RtggtXnGSvj8T2yzuKWiDgSL8a:3eMp1av4E8UpnGSvjU2yzuKWe8a

Score

N/A

Malware Config

Signatures

Files

c1c838655ab563c0cbc4d7aa1451b14b0e6fa2c6b9f92550eba3c225b4d57d73
.exe windows x86

4ac8f6a8535fd7829005d1ab4ea2f80d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptReleaseContext
DuplicateTokenEx
RegSetValueExA
RegEnumKeyExA
RegCreateKeyExA
RegDeleteValueA
CryptAcquireContextW
GetUserNameW
RegCloseKey

kernel32

GetFileAttributesW
GetModuleHandleA
VirtualProtect
VirtualAlloc
Sleep
InitializeCriticalSection
CreateMutexW
SetFilePointer
GetVersionExW
SetFileTime
LeaveCriticalSection
GetFileAttributesA
GetAtomNameW
GetSystemTime
ExpandEnvironmentStringsW
FindClose
GetUserDefaultUILanguage
FindResourceW
CreateThread
GetCommandLineA
GetTickCount
GetModuleFileNameA
GetTimeZoneInformation
GlobalLock
TryEnterCriticalSection
CreateEventW
lstrlenA
lstrcpyW

user32

GetClipboardData
ToUnicode
DispatchMessageA
GetWindowLongA
GetIconInfo
SetProcessWindowStation
DrawIcon
GetWindowThreadProcessId
CharLowerBuffA
GetDlgItem
FindWindowExA
LoadCursorA
GetForegroundWindow
GetClassNameA
MsgWaitForMultipleObjects
OpenDesktopA

shlwapi

StrCmpNIA
StrStrW
PathFileExistsW
wvnsprintfA
wnsprintfA
SHDeleteKeyA
PathCombineW
PathFindFileNameW
StrCmpNIW
wnsprintfW
wvnsprintfW

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4ac8f6a8535fd7829005d1ab4ea2f80d

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

shlwapi

Sections

.text Size: 57KB - Virtual size: 57KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 20KB

.text
Size: 57KB - Virtual size: 57KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 20KB