c58fdaf6f2b943f1c8ef7b91d86fed86dd30979531ad99f6e7aae47b5f639561

Sharing

Copy URL Twitter E-mail

General

Target

c58fdaf6f2b943f1c8ef7b91d86fed86dd30979531ad99f6e7aae47b5f639561
Size

283KB
MD5

ebece07802edadecee354947596baed9
SHA1

89db8367cbeb3a2b041d5bedad6a551b7ce11526
SHA256

c58fdaf6f2b943f1c8ef7b91d86fed86dd30979531ad99f6e7aae47b5f639561
SHA512

3fcfb11832b476dd573d08cc5bd3089982df41a522cad1f5611a7291e51ad7bc1d746ff11d3baf3bc5557ff254b94c7ee3a9a0b4e8c22a22673c8f1aeb9a5d17
SSDEEP

6144:yFRGs+shtCYroqWPLqP1dPYBaZCgnBguvHbr9tFPEuH9Bg4:/s+shtlpWLqPjYBECgnCu/dbnHh

Score

N/A

Malware Config

Signatures

Files

c58fdaf6f2b943f1c8ef7b91d86fed86dd30979531ad99f6e7aae47b5f639561
.exe windows x86

7c6094e18047958b3bd568db19c3a021

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateGuid

advapi32

OpenProcessToken
RegQueryValueA
RegQueryValueExA
RegOpenKeyExA
OpenThreadToken
RegCloseKey
ImpersonateLoggedOnUser
GetUserNameA
RegOpenKeyA
RevertToSelf

user32

wsprintfA

shfolder

SHGetFolderPathA

kernel32

ResetEvent
GetUserDefaultLCID
TlsGetValue
GetSystemTimeAsFileTime
FatalAppExitA
ResumeThread
SetLastError
WideCharToMultiByte
HeapReAlloc
GetExitCodeThread
GetModuleHandleA
FlushFileBuffers
SetUnhandledExceptionFilter
GetOEMCP
TlsAlloc
WriteFile
IsBadStringPtrA
UnhandledExceptionFilter
GetTimeFormatA
SetFilePointer
TerminateThread
ReadFile
CompareStringW
GetACP
IsValidCodePage
LocalFree
GetFileType
IsBadCodePtr
HeapFree
GetTimeZoneInformation
HeapDestroy
lstrcpyA
LeaveCriticalSection
CompareStringA
GetCurrentThreadId
GetCommandLineA
WaitForSingleObject
GetComputerNameA
GetSystemInfo
LCMapStringA
GetDriveTypeA
DeleteCriticalSection
GetDateFormatA
SetConsoleCtrlHandler
SetEndOfFile
WaitForMultipleObjects
HeapSize
SetHandleCount
EnterCriticalSection
CreateFileA
CloseHandle
VirtualAlloc
LCMapStringW
OpenThread
EnumSystemLocalesA
FreeEnvironmentStringsW
VirtualFree
RaiseException
FormatMessageA
FreeEnvironmentStringsA
TlsFree
VirtualProtect
VirtualQuery
HeapAlloc
CreateEventA
CreateThread
RtlUnwind
SetEnvironmentVariableA
FreeLibrary
SuspendThread
TlsSetValue
SetStdHandle
IsValidLocale
GetStdHandle
LoadLibraryW
VirtualAllocEx

esent

JetCreateIndex
JetDelete
JetUnregisterCallback
JetOpenTempTable2
JetBeginSession
JetSetSystemParameter
JetCreateTableColumnIndex2
JetSetCurrentIndex
JetPrepareToCommitTransaction
JetDefragment
JetOSSnapshotThaw
JetGetTableIndexInfo

w32topl

ToplHeapExtractMin
ToplListAddElem
ToplGraphCreate
ToplGraphFree
ToplIterGetObject
ToplScheduleDuration

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 257KB - Virtual size: 367KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c6094e18047958b3bd568db19c3a021

Headers

File Characteristics

Imports

ole32

advapi32

user32

shfolder

kernel32

esent

w32topl

Sections

.text Size: 19KB - Virtual size: 19KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 257KB - Virtual size: 367KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 19KB - Virtual size: 19KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 257KB - Virtual size: 367KB

.rsrc
Size: 2KB - Virtual size: 1KB