fe9ad3b8f1f559c8b1a6d0da6a593eba3836026e5745f1483b1caad081426f62

Sharing

Copy URL Twitter E-mail

General

Target

fe9ad3b8f1f559c8b1a6d0da6a593eba3836026e5745f1483b1caad081426f62
Size

764KB
MD5

e8f4b3fd0c8afebbc34adb8b4af097d3
SHA1

79b84a0e7b07277d7b46499ed7bb738b72b39b99
SHA256

fe9ad3b8f1f559c8b1a6d0da6a593eba3836026e5745f1483b1caad081426f62
SHA512

8e5ff6eb162690bc245fe127da725404d79ca11561fc5632c58f0c40cc4727f99c573d4815ca5cf7d09361c7972aee875a8d75f5004ace2f81ed48da4535c28b
SSDEEP

12288:cfZJvb1P2tRYlDIXwdlrXokp4KA+A85P/Gnqnqnqnqn5Rnqnqnqnu2bGbGbGb:cRRtwIbdlrX8Ax5P/GqqqqDqqq

Score

N/A

Malware Config

Signatures

Files

fe9ad3b8f1f559c8b1a6d0da6a593eba3836026e5745f1483b1caad081426f62
.exe windows x86

3b0b14915e95adb0fce6fe81be6bc7d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

advapi32

RegOpenKeyExA
GetTokenInformation
RegCloseKey
OpenProcessToken
RegDeleteValueA
RegSetValueExA
RegQueryValueExW
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExW

oleaut32

SysAllocStringLen
SysStringLen
VariantClear

gdi32

DeleteObject
GetDeviceCaps
GetStockObject
SetTextColor
CreateCompatibleDC
SelectObject
CreateSolidBrush

kernel32

RtlUnwind
SetUnhandledExceptionFilter
GetFullPathNameA
VirtualAlloc
FindResourceA
SetConsoleCtrlHandler
IsBadReadPtr
Sleep
VirtualFree
WriteFile
UnmapViewOfFile
IsValidCodePage
CreateProcessA
SizeofResource
GetVersion
GetModuleHandleW
GetACP
lstrcpynA
CloseHandle
FindFirstFileA
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCurrentDirectoryA
GetCommandLineW
LockResource
GetCurrentProcessId
GetEnvironmentStrings
FileTimeToLocalFileTime
CreateProcessW
lstrlenW
GlobalAlloc
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
FindResourceW
GetConsoleCP
GlobalFree
lstrlenA
HeapCreate
LCMapStringW
GetLastError
LeaveCriticalSection
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
CreateEventW
RemoveDirectoryA
SetEvent
GlobalLock
FindNextFileA
CreateFileMappingA
CompareStringA
InterlockedIncrement
lstrcpyA
FindNextFileW
CompareStringW
GetProcessHeap
GetSystemInfo
WaitForMultipleObjects
DeleteFileW
GetCPInfo
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
TlsAlloc
GetTickCount
QueryPerformanceCounter
FreeLibrary
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
SetCurrentDirectoryA
GetProcAddress
GetCurrentThreadId
SetEndOfFile
VirtualQuery
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
MulDiv
GetStdHandle
CreateThread
GetModuleHandleA
CreateMutexA
GetLocalTime
MultiByteToWideChar
InterlockedDecrement
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
GetVersionExA
HeapAlloc
IsDebuggerPresent
VirtualProtect
GetModuleFileNameW
GetEnvironmentVariableA
GetSystemTime
SetLastError
OutputDebugStringA
FormatMessageA
TlsGetValue
FindClose
LoadResource
InitializeCriticalSection
GetExitCodeProcess
FormatMessageW
LocalFree
GetOEMCP
SetFileAttributesA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
GetTimeZoneInformation
InterlockedExchange
GetStringTypeA
lstrcmpiA
WideCharToMultiByte
SetStdHandle
GetLocaleInfoW
FreeEnvironmentStringsW
SetErrorMode
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetStartupInfoW
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
FindFirstFileW
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP

user32

SetForegroundWindow
MoveWindow
SetCursor
CallWindowProcA
SendMessageA
InvalidateRect
wsprintfA
IsWindowVisible
EnableMenuItem
GetSysColor
MessageBoxA
EndDialog
GetCursorPos
GetDesktopWindow
LoadIconA
LoadCursorA
ClientToScreen
GetDlgItem
DispatchMessageA
CheckMenuItem
SetWindowTextA
SetWindowLongA
ReleaseCapture
PostMessageA
GetWindowRect
GetSystemMetrics
DefWindowProcA
SetTimer
KillTimer
BeginPaint
GetMessageA
PeekMessageA
SetFocus
EndPaint
FillRect
CreateWindowExA
GetWindowLongA
RegisterClassA
IsIconic
LoadStringA
GetWindow
TranslateMessage
EnableWindow
UpdateWindow
GetParent
DestroyWindow
TrackPopupMenu
ScreenToClient
GetClientRect
GetDC
IsWindow
SetWindowPos
LoadBitmapA
ReleaseDC
PostQuitMessage

Sections

.text
Size: 599KB - Virtual size: 598KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b0b14915e95adb0fce6fe81be6bc7d8

Headers

File Characteristics

Imports

version

advapi32

oleaut32

gdi32

kernel32

user32

Sections

.text Size: 599KB - Virtual size: 598KB

.rdata Size: 71KB - Virtual size: 70KB

.data Size: 92KB - Virtual size: 95KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 599KB - Virtual size: 598KB

.rdata
Size: 71KB - Virtual size: 70KB

.data
Size: 92KB - Virtual size: 95KB

.rsrc
Size: 1KB - Virtual size: 1KB