fff88a803cecc0275f5b9521c5593b14edd091b4b61e678a537a3be61db999c1

Sharing

Copy URL Twitter E-mail

General

Target

fff88a803cecc0275f5b9521c5593b14edd091b4b61e678a537a3be61db999c1
Size

221KB
MD5

44fcc7ea532b2f881eb0a81f20aa9c2d
SHA1

377f558f05620e8673f0c66bb23926870fbbc96e
SHA256

fff88a803cecc0275f5b9521c5593b14edd091b4b61e678a537a3be61db999c1
SHA512

a20dba09450eea0d8f7f49236870cd520c52945a2be5e1f56c3ec7ce710871669b9a086057e7d6fab935cd16831cd66276410e31391397ef0ae45091c46c9c19
SSDEEP

3072:nhkWGqAoHz9rr6f3PHJVfnqv2SoxJ1QZsa5cN6KwRhVLfFcBact2v0XZQvuY0:hwqAoTprIhAsxUGcRh32act2v0JQvC

Score

N/A

Malware Config

Signatures

Files

fff88a803cecc0275f5b9521c5593b14edd091b4b61e678a537a3be61db999c1
.exe windows x86

9a7f82014da67c6ed0d18a69bf9fa013

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ExtractIconExA
DuplicateIcon
ExtractAssociatedIconA
DragQueryFileA
FindExecutableW
ShellAboutW
DoEnvironmentSubstW
FindExecutableA

ole32

CoGetClassObject
OleFlushClipboard
StgGetIFillLockBytesOnFile
CoQueryAuthenticationServices
OleCreateLinkEx

advapi32

RegSetValueExW
BackupEventLogA
SetSecurityDescriptorDacl
EqualSid
ObjectCloseAuditAlarmA
AccessCheckByTypeAndAuditAlarmW
ChangeServiceConfigA
RegOpenKeyExA
GetUserNameA
RegNotifyChangeKeyValue

kernel32

WriteConsoleW
RtlUnwind
LoadLibraryW
HeapReAlloc
GetConsoleCP
FlushFileBuffers
SetFilePointer
HeapSize
SetStdHandle
GetModuleHandleW
FormatMessageA
OpenJobObjectA
UnregisterWaitEx
GetConsoleOutputCP
UnmapViewOfFile
GetProfileSectionW
SetConsoleCtrlHandler
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
GetLastError
GetDiskFreeSpaceA
GetLogicalDrives
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
SetLastError
GetCurrentThreadId
GetProcAddress
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
HeapFree
CreateFileW
CloseHandle
HeapAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeW
Sleep

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a7f82014da67c6ed0d18a69bf9fa013

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ole32

advapi32

kernel32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 156KB - Virtual size: 155KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 156KB - Virtual size: 155KB