fd093e7d26281bc4d8babd7ecd15660c1758790fe034c591307631ceadd63c07

Sharing

Copy URL Twitter E-mail

General

Target

fd093e7d26281bc4d8babd7ecd15660c1758790fe034c591307631ceadd63c07
Size

282KB
MD5

33388e68963ab29a557b7de8670fc7e0
SHA1

f5657cec41c16af6fbab13168826a5061331d87d
SHA256

fd093e7d26281bc4d8babd7ecd15660c1758790fe034c591307631ceadd63c07
SHA512

69e108af3714e18675eb76f7436e68560c25b4cb1f84152a8ea259012baf578ccf7ffa877a7f8170292fb011277be3da5c483081232925c599bac2394258b3c6
SSDEEP

6144:e+JUfFZpr67xMy9fdJtk5tNclpEYMBB88:HJQFn67xJdJtk5fcLzUR

Score

N/A

Malware Config

Signatures

Files

fd093e7d26281bc4d8babd7ecd15660c1758790fe034c591307631ceadd63c07
.exe windows x86

116c5a5a4aa2628581d63847ec31d9b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
RaiseException
GetConsoleCP
IsValidCodePage
InterlockedIncrement
IsDebuggerPresent
HeapAlloc
ExitThread
CreateNamedPipeW
GetModuleFileNameW
TerminateThread
CreateEventW
ReadFile
WriteFile
DisconnectNamedPipe
GetOverlappedResult
WaitForMultipleObjects
ConnectNamedPipe
EnterCriticalSection
InitializeCriticalSection
OutputDebugStringW
GetLocalTime
SetEndOfFile
QueryPerformanceCounter
LCMapStringA
GetStringTypeA
GetLocaleInfoA
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
UnhandledExceptionFilter
VirtualQuery
InterlockedExchange
RtlUnwind
VirtualFree
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
ExitProcess
GetProcessHeap
GetEnvironmentVariableA
SetFilePointer
HeapCreate
HeapDestroy
SetFileTime
Sleep
HeapFree
IsBadReadPtr
ReleaseMutex
FlushViewOfFile
UnmapViewOfFile
LocalAlloc
LocalFree
DeleteFileW
DeleteFileA
MoveFileW
MoveFileA
CreateFileMappingW
CreateFileMappingA
OpenFileMappingW
GetDiskFreeSpaceW
GetDiskFreeSpaceA
CreateFileW
CreateFileA
CreateMutexA
GetFullPathNameA
SetLastError
MultiByteToWideChar
lstrlenW
lstrlenA
CreateEventA
CreateThread
WaitForSingleObject
CloseHandle
lstrcmpA
IsDBCSLeadByte
lstrcmpiA
LeaveCriticalSection
InterlockedDecrement
GetVersionExA
GetSystemInfo
DisableThreadLibraryCalls
DeleteCriticalSection
VirtualProtect
GetModuleFileNameA
QueryPerformanceFrequency
GetLastError
FreeLibrary
GetModuleHandleA
CreateProcessA
GetCommandLineA
GetExitCodeThread
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetFileSize
RemoveDirectoryA

user32

GetClassInfoA
RegisterClassA
IsWindow
CharLowerBuffW
SetTimer
KillTimer
DestroyWindow
DefWindowProcA
CreateWindowExA

advapi32

RegOpenKeyW
InitializeSecurityDescriptor
RegQueryValueExW
RegEnumKeyA
RegOpenKeyExA
SetSecurityDescriptorDacl

ole32

CoCreateInstance
CoGetMalloc

msvcrt

malloc
free
fflush
exit
memmove
strcat
strcmp
strlen
strncpy
strchr

shlwapi

StrToIntExA
StrCpyNW
StrCmpIW
PathFileExistsW
PathRenameExtensionW
StrCmpW
PathRemoveFileSpecA
StrStrA

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

116c5a5a4aa2628581d63847ec31d9b6

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

shlwapi

Sections

.text Size: 56KB - Virtual size: 54KB

.idata Size: 8KB - Virtual size: 4KB

.rdata Size: 52KB - Virtual size: 50KB

.data Size: 88KB - Virtual size: 2.6MB

.rsrc Size: 72KB - Virtual size: 69KB

.text
Size: 56KB - Virtual size: 54KB

.idata
Size: 8KB - Virtual size: 4KB

.rdata
Size: 52KB - Virtual size: 50KB

.data
Size: 88KB - Virtual size: 2.6MB

.rsrc
Size: 72KB - Virtual size: 69KB