c889cb7b42824edca2d5ddd5a1f3fd54a7f1f93517a19693e20a70ed3ec537a0

Sharing

Copy URL Twitter E-mail

General

Target

c889cb7b42824edca2d5ddd5a1f3fd54a7f1f93517a19693e20a70ed3ec537a0
Size

291KB
MD5

455822d32e1b5eb1b409c45961d0edc5
SHA1

21c3e2c8d8f8ed06cf1d5358dea4d99c0a23926e
SHA256

c889cb7b42824edca2d5ddd5a1f3fd54a7f1f93517a19693e20a70ed3ec537a0
SHA512

3b15d5d40c49a14efa3e4845b989fd649ee5ac9ec663d257de562be2088523ea787afd8557a377190647fbdf9ffbb5d4216511d3edd224c7bc927270d63f6e5c
SSDEEP

6144:wfXSq43yl0YKkM/gxo7O3T5LpanOV9ILrDSUWuZfX2i:0wyy8M/g67ulLWomLrDSUvZvl

Score

N/A

Malware Config

Signatures

Files

c889cb7b42824edca2d5ddd5a1f3fd54a7f1f93517a19693e20a70ed3ec537a0
.exe windows x86

8ca49360c435072fb671dbb2e1ab1a57

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StringFromGUID2
CoLockObjectExternal

shlwapi

PathAppendW
PathAddBackslashW
PathRemoveFileSpecW

user32

MessageBoxW
GetWindowLongA

oleaut32

VarBstrCat
SysFreeString
SysStringLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringByteLen
SysAllocStringLen
VarBstrCmp
SysAllocString
VariantTimeToSystemTime
VariantCopy
SysStringByteLen
VarBstrFromDec

kernel32

GetConsoleCP
CreateFileW
WideCharToMultiByte
GetDateFormatW
GetStdHandle
TlsSetValue
lstrlenA
WriteConsoleW
GetModuleHandleA
GetCommandLineA
GetTimeFormatW
GetFileType
SetLastError
UnhandledExceptionFilter
IsProcessorFeaturePresent
HeapFree
WriteFile
FlushFileBuffers
CloseHandle
IsValidCodePage
DeleteCriticalSection
lstrlenW
RtlUnwind
FindResourceW
EnterCriticalSection
HeapSize
SetFilePointer
SetStdHandle
GetConsoleMode
GetOEMCP
InitializeCriticalSectionAndSpinCount
SizeofResource
HeapDestroy
LoadResource
GetProcessHeap
GetThreadLocale
HeapReAlloc
GetSystemTimeAsFileTime
LockResource
TlsGetValue
SetUnhandledExceptionFilter
RaiseException
LeaveCriticalSection
GetUserDefaultLCID
LCMapStringW
FindResourceExW
HeapAlloc
GetModuleHandleW
GetACP
EnumSystemLocalesA
TlsAlloc
IsValidLocale
GetCurrentThreadId
FormatMessageW
SetHandleCount
FreeLibrary
FreeEnvironmentStringsW
IsDebuggerPresent
TlsFree
GetStartupInfoA
VirtualAlloc

advapi32

RegConnectRegistryW
RegCreateKeyExW
RegQueryInfoKeyW
RegDeleteKeyA
RegEnumKeyExW
RegQueryValueExW
RegEnumValueW
RegSetValueExW
RegEnumKeyA
RegSetValueExA
RegCreateKeyA
RegDeleteKeyW
RegCreateKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegOpenKeyA

comctl32

CreateStatusWindow
ImageList_Duplicate
ImageList_SetFlags
InitCommonControlsEx
GetMUILanguage
ImageList_BeginDrag

pstorsvc

ServiceEntry

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ca49360c435072fb671dbb2e1ab1a57

Headers

File Characteristics

Imports

ole32

shlwapi

user32

oleaut32

kernel32

advapi32

comctl32

pstorsvc

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 264KB - Virtual size: 283KB

.rsrc Size: 2KB - Virtual size: 9KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 264KB - Virtual size: 283KB

.rsrc
Size: 2KB - Virtual size: 9KB