cd772286d4c49b8760a17b74ecb82373505462b8216db09d1d6f8343fe2f187c

General

Target

cd772286d4c49b8760a17b74ecb82373505462b8216db09d1d6f8343fe2f187c
Size

160KB
MD5

78b3f32454386c18f6a17b3ecf0cd470
SHA1

2f1905108f8cf359b45fdc6a4bf0deb02a080503
SHA256

cd772286d4c49b8760a17b74ecb82373505462b8216db09d1d6f8343fe2f187c
SHA512

6f9225a7b3a44ef087971186955f817e404943f52284c83bf31ff02b934e195460ec08ac1c8dff359d1d73dda61fd947a92b226d401dca9efb2f21ea34c1dc84
SSDEEP

3072:0kg2Q6DU65i1E6ls1fTewOBDVicq70Oe46Gu7FbGCkK7ieTjiNKcPx:Hg56Q65j5TewOBhici0O9ju1bdPjip

Score

N/A

Malware Config

Signatures

Files

cd772286d4c49b8760a17b74ecb82373505462b8216db09d1d6f8343fe2f187c
.exe windows x86

42606a0954c03d1f3a8b690becd1d780

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
InterlockedExchange
WaitForSingleObjectEx
GetVersionExA
SetEvent
TryEnterCriticalSection
SetFilePointer
RaiseException
GetModuleFileNameW
CreateFileA
FreeLibrary
LocalFree
CloseHandle
InterlockedExchangeAdd
SleepEx
GetModuleHandleA
WaitForSingleObject
ReadFile
InterlockedCompareExchange
FindCloseChangeNotification
GetFileSize
CreateThread
RegisterWaitForSingleObject
SetFilePointerEx
VirtualAlloc
FindClose
GetStartupInfoA

advapi32

RegCreateKeyExA
IsValidSid
RegDeleteKeyA
SetSecurityDescriptorDacl
LookupAccountSidA
RegQueryValueExA
CheckTokenMembership
RegCreateKeyW
OpenThreadToken
RegOpenKeyExA
AllocateAndInitializeSid
GetTokenInformation
RegCloseKey

msi

ord223

msvcrt

_onexit
atoi
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42606a0954c03d1f3a8b690becd1d780

Headers

File Characteristics

Imports

kernel32

advapi32

msi

msvcrt

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 132KB - Virtual size: 236KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 132KB - Virtual size: 236KB

.rsrc
Size: 12KB - Virtual size: 10KB