c299ae3f7f2a5b1da592450b50b0d791953822c844b7217ff17ae701344fea83

Sharing

Copy URL Twitter E-mail

General

Target

c299ae3f7f2a5b1da592450b50b0d791953822c844b7217ff17ae701344fea83
Size

116KB
MD5

f167250b1cde0c49af961e30e6cebd10
SHA1

902e60eefc174fef0d0330aeb80097cb640b9f41
SHA256

c299ae3f7f2a5b1da592450b50b0d791953822c844b7217ff17ae701344fea83
SHA512

15d8d764069ef2bb88160d4a73f026be8616130d4353d3f566b3d532999231ec6da198099176d39fe2cd6dba2c1455e2c2dc752794e6d87827cb84a5724fe428
SSDEEP

1536:Z6bTKsTL8xaTMIroT6+JU97GtXfXN5XkJIoHg0l3uvFninz3qklC8xX:ZcT38S4JOGVvN50JIoHgC4Fnoll

Score

N/A

Malware Config

Signatures

Files

c299ae3f7f2a5b1da592450b50b0d791953822c844b7217ff17ae701344fea83
.exe windows x86

54e1fa8cf1a3fc2453b51c9a59992c5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
ResetEvent
OpenProcess
GetProcAddress
CreateProcessA
FindClose
FindFirstFileA
GetVersionExA
GetSystemDirectoryA
GetModuleHandleA
TerminateProcess
GlobalFree
GlobalAlloc
ReleaseMutex
GetCurrentProcessId
ReadFile
SetStdHandle
SetFilePointer
WaitForMultipleObjects
Sleep
SetUnhandledExceptionFilter
SetEnvironmentVariableA
GetOEMCP
GetACP
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
GetCPInfo
FlushFileBuffers
IsBadWritePtr
HeapReAlloc
VirtualAlloc
FreeEnvironmentStringsA
VirtualFree
HeapCreate
HeapDestroy
WaitForSingleObject
SetEvent
FreeLibrary
CreateThread
GetModuleFileNameA
CreateMutexA
GetLastError
CreateEventA
IsBadReadPtr
IsBadCodePtr
WriteFile
GetStdHandle
SetHandleCount
CloseHandle
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
GetFileAttributesA
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
UnhandledExceptionFilter
GetFileType
DeleteCriticalSection
HeapAlloc
InitializeCriticalSection
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue

user32

SetForegroundWindow
GetCursorPos
DispatchMessageA
TranslateMessage
FindWindowA
GetWindowThreadProcessId
SendMessageA
AppendMenuA
CreatePopupMenu
ModifyMenuA
LoadMenuA
GetSubMenu
DestroyMenu
EnableMenuItem
SetMenuDefaultItem
wsprintfA
GetMessageA
TrackPopupMenu
MessageBoxA
GetWindowLongA
DefWindowProcA
LoadStringA
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
PostQuitMessage
SetWindowLongA
PostMessageA

gdi32

GetStockObject

advapi32

RegQueryInfoKeyA
RegEnumValueA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA
Shell_NotifyIconA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

54e1fa8cf1a3fc2453b51c9a59992c5b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

version

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 32KB - Virtual size: 32KB