c838f85f52de114b5bc7baa542715bd8d4fa51385848e726177217cbf7a16baa

Sharing

Copy URL Twitter E-mail

General

Target

c838f85f52de114b5bc7baa542715bd8d4fa51385848e726177217cbf7a16baa
Size

84KB
MD5

cbd11a107efcbc6e5980d69d2f08b954
SHA1

b6f8afb813a5d1db9ec8450b0340102593d32d1b
SHA256

c838f85f52de114b5bc7baa542715bd8d4fa51385848e726177217cbf7a16baa
SHA512

35b6847526f141bd6a0117974e3aa05339ed07f377e4d527062f8ba647cc6d98b316ff52f32d4f1b6dd16a3ed2694bd98d683737edfa64986f69f4d3cdeb2095
SSDEEP

1536:5JDhqxxxKXlEu3kkg2tIPF5sBm4RBmo/aT+/8SW3I27R+/w:5JDhqkN33ghFAitvSWYM8/

Score

N/A

Malware Config

Signatures

Files

c838f85f52de114b5bc7baa542715bd8d4fa51385848e726177217cbf7a16baa
.exe windows x86

934508954bf505a5a530d191db7dd6c2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PostMessageW
LoadIconA
RegisterClassW
DestroyIcon
GetCapture
SetCapture
ScrollWindowEx
SetActiveWindow
OpenClipboard
RegisterClassA

kernel32

GetCommandLineW
ReadFile
GetConsoleMode
FreeLibraryAndExitThread
GetCurrentProcess
GetCurrentThreadId
LoadLibraryA
GetCurrentProcessId
WaitForSingleObjectEx
FreeLibrary
HeapFree
FreeEnvironmentStringsW
InterlockedDecrement
GetFileSize
InterlockedCompareExchange
SetLastError
CreateFileA
SetErrorMode
SetEvent
GetEnvironmentStringsW
SetFilePointer
GetModuleHandleW
lstrlenW
FormatMessageW
TerminateProcess
InterlockedExchange
LocalFree
LoadResource
Sleep
LCMapStringW
HeapDestroy
SetEndOfFile
GetFileAttributesW
GetVersionExW
ExitProcess
SetFilePointerEx
MultiByteToWideChar
GetVersionExA
GetFileSizeEx
CreateThread
CreateFileW
InitializeCriticalSectionAndSpinCount
GetModuleFileNameA
GetStdHandle
QueryPerformanceCounter
HeapSize
GetACP
CloseHandle
LoadLibraryW
LeaveCriticalSection
FindClose
GetStartupInfoA
WideCharToMultiByte
GetOEMCP
InitializeCriticalSection
GetModuleFileNameW
GetSystemTimeAsFileTime
WriteFile
InterlockedIncrement
CreateEventW
EnterCriticalSection
DeleteCriticalSection
SetHandleCount
HeapAlloc
HeapCreate
WaitForSingleObject
IsDebuggerPresent
GetTickCount
SetUnhandledExceptionFilter
TlsFree
TryEnterCriticalSection
lstrlenA
GetProcAddress
GetModuleHandleA
GetLastError
FindFirstFileW
RaiseException

gdi32

CreateSolidBrush
CreateRectRgn
CreateFontIndirectW
FrameRgn
CreatePolygonRgn
GetRgnBox
CreateDCA
OffsetRgn

setupapi

SetupGetFileCompressionInfoExA

advapi32

IsValidSid
RegSetValueExA
RegConnectRegistryA
ControlService
RegDeleteValueA
RegGetKeySecurity
ImpersonateSelf
OpenEncryptedFileRawW
OpenEventLogW
CreateProcessAsUserA
CloseServiceHandle
RegNotifyChangeKeyValue
GetUserNameA
BackupEventLogA
RegFlushKey
OpenSCManagerW
GetTokenInformation
RegCloseKey
DeregisterEventSource
GetNumberOfEventLogRecords
LookupPrivilegeValueA
RegQueryValueExA
OpenServiceW
OpenThreadToken
CloseEventLog
RegCreateKeyA
DuplicateTokenEx
AdjustTokenPrivileges
GetFileSecurityA
RegSetKeySecurity
RegCreateKeyExA
RegEnumKeyExW
RegEnumKeyExA
OpenSCManagerA
RegRestoreKeyA
GetUserNameW
RegEnumValueA
RegOpenKeyExA
RegQueryInfoKeyA
OpenServiceA
OpenProcessToken
RegDeleteKeyW
RegCreateKeyExW
EnumServicesStatusA
RegDeleteKeyA
InitiateSystemShutdownA
DuplicateToken
ReadEventLogW
QueryServiceStatus

msvcrt

__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
_onexit
_acmdln
_exit
_XcptFilter
exit

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

934508954bf505a5a530d191db7dd6c2

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

gdi32

setupapi

advapi32

msvcrt

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 48KB - Virtual size: 117KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 48KB - Virtual size: 117KB

.rsrc
Size: 16KB - Virtual size: 15KB