531b3232dfb6883dfbefb77f80709cc1de35b7954852f86eeb042769cd1da4f7

Sharing

Copy URL

Twitter E-mail

General

Target

531b3232dfb6883dfbefb77f80709cc1de35b7954852f86eeb042769cd1da4f7
Size

58KB
MD5

0ea83f4703ce8c7804c3480a8bf6cf00
SHA1

9bd01c0abcc158e9b2e160d7928a6cd212ca7670
SHA256

531b3232dfb6883dfbefb77f80709cc1de35b7954852f86eeb042769cd1da4f7
SHA512

0001ecef1ad9f1f3309cec6fac0041decda73880c4885bd9b06d8be0fd0cfd70950cb129049e2a22652497c1dfafe4160dc9e1d0d203ee50fcdb941391aa1834
SSDEEP

768:bikiT8B1cEi82fFSOt5V/ERCYffvk4DIPcsQsJN55iDsn:bikiwM1fFPXFElJD6c655iD

Score

N/A

Malware Config

Signatures

Files

531b3232dfb6883dfbefb77f80709cc1de35b7954852f86eeb042769cd1da4f7
.exe windows x86

d22c1ef5e3df3aca5bc3fd5e922bf80c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameW
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetProcAddress
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetUserDefaultLCID
GetUserDefaultLangID
GetVersionExA
GetVersionExW
GlobalAlloc
GlobalFree
GlobalHandle
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
InterlockedExchange
IsBadWritePtr
IsValidCodePage
IsValidLocale
LCMapStringA
GetEnvironmentVariableA
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
GetFileType
MultiByteToWideChar
QueryPerformanceCounter
ReleaseMutex
ResetEvent
SetErrorMode
SetFileAttributesW
SetFilePointer
SetHandleCount
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcatW
lstrcmpA
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynA
lstrcpynW
lstrlenA
lstrlenW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCommandLineW
GetCommandLineA
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
LockResource
GetFileAttributesA
FormatMessageW
FlushFileBuffers
FindNextFileW
FindFirstFileW
FindClose
ExpandEnvironmentStringsW
ExitProcess
EnumSystemLocalesA
DeleteFileW
CreateSemaphoreW
CreateMutexA
CompareStringW
CloseHandle
CreateFileW
VirtualAlloc
Sleep
LoadLibraryA
GetProcessHeap

user32

LoadCursorA
GetWindowThreadProcessId
GetSystemMetrics
LoadIconA
LoadStringW
MessageBoxW
SendMessageTimeoutW
SetForegroundWindow
GetSysColor

gdi32

GetStockObject

advapi32

RegDeleteKeyW
RegCloseKey
QueryServiceStatusEx
QueryServiceConfigW
OpenServiceW
OpenSCManagerW
OpenProcessToken
LookupPrivilegeValueW
GetUserNameW
FreeSid
EnumServicesStatusExW
DeleteService
CloseServiceHandle
CheckTokenMembership
AllocateAndInitializeSid
AdjustTokenPrivileges
RegOpenKeyW
RegDeleteValueW
RegEnumValueW
RegOpenKeyExA
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RegSetValueW
RegCreateKeyExA

ole32

CoCreateInstance
CoInitialize
CoUninitialize
CLSIDFromProgID

shlwapi

PathRemoveFileSpecA
SHSetValueA
StrCmpIW
StrStrIA
SHGetValueA

msvcrt

_wcsdup
wcstoul
wcstol
wcstok
wcstod
memcpy
_XcptFilter
__CxxFrameHandler
__dllonexit
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
__winitenv
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_ftol
_initterm
_iob
_itow
_ltow
_onexit
_purecall
_snwprintf
_vsnprintf
_wchmod
_wcmdln
_wcsicmp
_wcsnicmp
_wfopen
_wtoi
_wtol
calloc
exit
fclose
fflush
fprintf
free
iswctype
malloc
memmove
realloc
strtok
swprintf
towupper
wcschr
wcscmp
wcscpy
wcslen
wcsncat
wcsncmp
wcsncpy
wcsstr

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d22c1ef5e3df3aca5bc3fd5e922bf80c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

shlwapi

msvcrt

Sections

.text Size: 29KB - Virtual size: 29KB

.data Size: 28KB - Virtual size: 27KB

.text
Size: 29KB - Virtual size: 29KB

.data
Size: 28KB - Virtual size: 27KB