a676b64289e1f3be665ca80b9b08b90d818f85f9e9c2774138103705d568198e

Sharing

Copy URL Twitter E-mail

General

Target

a676b64289e1f3be665ca80b9b08b90d818f85f9e9c2774138103705d568198e
Size

108KB
MD5

b34405f0a37a289a04539c116d716281
SHA1

7dc45ad232d9382681272623b36134ab012f38cd
SHA256

a676b64289e1f3be665ca80b9b08b90d818f85f9e9c2774138103705d568198e
SHA512

949f73d4b7001050350e70d267201a1d72dffded6b418baa4050565432b5a00f5b559b7492e4460b86bb917f91e77192145ac834dc16db1cc35e4dc31a93ce27
SSDEEP

1536:pB1qOZ6Teg/bqDLujkeqQLC1fAnnBvoCfl19q2Bba4SQ1t4H:z1hG/WDLoL0fAnnBvoCfJNaqb4

Score

N/A

Malware Config

Signatures

Files

a676b64289e1f3be665ca80b9b08b90d818f85f9e9c2774138103705d568198e
.exe windows x86

a218106974a7fb92be6e45e5fb4f69c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryW
CopyFileW
GetModuleFileNameW
GetLastError
FindFirstFileW
GetSystemDirectoryW
OpenProcess
CreateRemoteThread
GetProcAddress
GetModuleHandleW
WideCharToMultiByte
GetCurrentProcessId
WriteProcessMemory
VirtualAllocEx
GetExitCodeThread
GetModuleFileNameA
ExitThread
LoadLibraryA
FindNextFileA
lstrcmpA
FindFirstFileA
lstrcpynA
CopyFileA
GetTickCount
lstrcatA
ReadFile
GetFileSize
GetSystemTime
SetFileAttributesA
LockResource
LoadResource
SizeofResource
FindResourceA
FindClose
GetCurrentProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
CreateProcessA
CreateEventA
WinExec
GetDriveTypeA
WritePrivateProfileStringA
GetWindowsDirectoryA
CompareStringA
GetStringTypeW
GetStringTypeA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
MultiByteToWideChar
FlushFileBuffers
SetStdHandle
CompareStringW
HeapReAlloc
VirtualAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
SystemTimeToFileTime
CreateFileW
SetFileTime
SetFileAttributesW
Sleep
CreateThread
GetSystemDirectoryA
DeleteFileA
CreateFileA
SetFilePointer
CloseHandle
WriteFile
GetModuleHandleA
lstrlenA
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
HeapFree
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetLocalTime
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFileAttributesA
ExitProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
GetVersion
HeapAlloc

user32

KillTimer
PostQuitMessage
SetTimer
DefWindowProcA
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
DispatchMessageA
TranslateMessage
CharUpperA
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
GetParent
GetWindowTextA
wsprintfA
GetKeyNameTextA
GetKeyboardState
ToAscii
GetMessageA

gdi32

GetStockObject

advapi32

RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegSetValueExA
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegCreateKeyExA

shell32

ShellExecuteA

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameW

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a218106974a7fb92be6e45e5fb4f69c5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

psapi

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 44KB - Virtual size: 56KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 44KB - Virtual size: 56KB