df5ab223f34a29c57df0b260bfdefe25cc01bc75321c6e93269ef2c1aee38b88

Sharing

Copy URL

Twitter E-mail

General

Target

df5ab223f34a29c57df0b260bfdefe25cc01bc75321c6e93269ef2c1aee38b88
Size

259KB
MD5

10bb77f4347a8180f3069ec4a1d3bb00
SHA1

77663841912b9ecdefb187acb04fb1faf09c05f8
SHA256

df5ab223f34a29c57df0b260bfdefe25cc01bc75321c6e93269ef2c1aee38b88
SHA512

fe5188ea3f4be4ccafb6f67246deacf6b60dcc1d34f0dab82d23737913ac888a42717ede5cc1c1e69dea18edc5894b57c64feb3829f56418daae36efaf732b71
SSDEEP

6144:Wqkpl9HX8DqrItDpSuXgUJhS19Guxox5F7OyEPk/aEMBeqrNVwPm7ygSTD:WlD38Dqr6ZvJh2Gu8myckJ0eqhWrfTD

Score

N/A

Malware Config

Signatures

Files

df5ab223f34a29c57df0b260bfdefe25cc01bc75321c6e93269ef2c1aee38b88
.exe windows x86

2f4dc09f28db652b48c84cfd30109d2c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
lstrcpynA
lstrlenA
GetLastError
GetFullPathNameA
GetFileAttributesA
lstrcpynW
lstrlenW
GetFileAttributesW
FreeLibrary
MultiByteToWideChar
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
Sleep
LocalFree
GetTickCount
GetModuleFileNameW
GetVersionExW
LocalAlloc
LoadLibraryW
GetProcessHeap
GetProcAddress

user32

EnableWindow
SetForegroundWindow
SendMessageW

advapi32

RegCreateKeyExW
RegEnumKeyW
RegSetValueExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegDeleteKeyA

shell32

SHGetDesktopFolder

msasn1

ASN1intx_free
ASN1BEREncFlush
ASN1BERDecZeroChar16String
ASN1intx2uint32
ASN1BERDecNotEndOfContents
ASN1_CloseModule
ASN1BERDotVal2Eoid
ASN1BERDecS8Val
ASN1BERDecExplicitTag
ASN1CEREncEndBlk
ASN1intxisuint32
ASN1BERDecOctetString

psbase

SPEnumTypes

Sections

.icode
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.W
Size: 2KB - Virtual size: 447KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lJQ
Size: 4KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Yt
Size: 3KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xYWcO
Size: 1024B - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 91KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.g
Size: 1KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 123KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ouD
Size: 1KB - Virtual size: 378KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f4dc09f28db652b48c84cfd30109d2c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msasn1

psbase

Sections

.icode Size: 4KB - Virtual size: 3KB

.W Size: 2KB - Virtual size: 447KB

.lJQ Size: 4KB - Virtual size: 1.0MB

.text Size: 13KB - Virtual size: 13KB

.Yt Size: 3KB - Virtual size: 117KB

.rdata Size: 2KB - Virtual size: 39KB

.xYWcO Size: 1024B - Virtual size: 106KB

.edata Size: 91KB - Virtual size: 167KB

.g Size: 1KB - Virtual size: 318KB

.data Size: 6KB - Virtual size: 216KB

.edata Size: 123KB - Virtual size: 147KB

.ouD Size: 1KB - Virtual size: 378KB

.rsrc Size: 3KB - Virtual size: 3KB

.icode
Size: 4KB - Virtual size: 3KB

.W
Size: 2KB - Virtual size: 447KB

.lJQ
Size: 4KB - Virtual size: 1.0MB

.text
Size: 13KB - Virtual size: 13KB

.Yt
Size: 3KB - Virtual size: 117KB

.rdata
Size: 2KB - Virtual size: 39KB

.xYWcO
Size: 1024B - Virtual size: 106KB

.edata
Size: 91KB - Virtual size: 167KB

.g
Size: 1KB - Virtual size: 318KB

.data
Size: 6KB - Virtual size: 216KB

.edata
Size: 123KB - Virtual size: 147KB

.ouD
Size: 1KB - Virtual size: 378KB

.rsrc
Size: 3KB - Virtual size: 3KB