c55321e3275120a28f6ea1284a84dcbdf26142b9cf1b4b67e5d951f5e167823c

Sharing

Copy URL Twitter E-mail

General

Target

c55321e3275120a28f6ea1284a84dcbdf26142b9cf1b4b67e5d951f5e167823c
Size

199KB
MD5

32530bcae0297c8509fb9a6e1f49cc40
SHA1

791dc6f583ed659d23a2465918bf2a5f03260302
SHA256

c55321e3275120a28f6ea1284a84dcbdf26142b9cf1b4b67e5d951f5e167823c
SHA512

f0405ecf8226100a194b74bd85de92a371086d5f78fe10a0d62fdca5382ab8849efdcc272896ccd13116f859defbe12d24dedc0d62a35b40c567c504fc547244
SSDEEP

3072:wiCDgkYRQtVwmWZC/wBNZt/POoe6iuworv5qcp6EoZifvfYBhSBWKKyrQKwngowR:wiijt4ZwwBNZt/Phe6Pt0kP6TwInzC

Score

N/A

Malware Config

Signatures

Files

c55321e3275120a28f6ea1284a84dcbdf26142b9cf1b4b67e5d951f5e167823c
.exe windows x86

8a074dc5cd031ea047e82f9ec8cbb150

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteExA
DragQueryFileA
DragQueryFileW
ExtractIconExW
ShellExecuteExW
Shell_NotifyIconA

ole32

CoTaskMemRealloc
CoTaskMemFree
OleQueryLinkFromData
MkParseDisplayName
CoFileTimeNow
StgCreateDocfile
CoInitialize

advapi32

RegQueryValueExA
DestroyPrivateObjectSecurity
LogonUserW
QueryServiceStatus
ControlService
RegQueryMultipleValuesW
QueryServiceLockStatusA
OpenEventLogW
LookupPrivilegeNameA
DeregisterEventSource

kernel32

GetACP
GetOEMCP
LoadLibraryW
IsValidCodePage
Sleep
RtlUnwind
HeapSize
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapReAlloc
IsProcessorFeaturePresent
GetCPInfo
GetModuleFileNameW
TlsSetValue
GlobalAlloc
CopyFileA
lstrcmpA
WaitForSingleObjectEx
GetLastError
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapCreate
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
EncodePointer
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a074dc5cd031ea047e82f9ec8cbb150

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ole32

advapi32

kernel32

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 3KB - Virtual size: 65KB

.rsrc Size: 163KB - Virtual size: 162KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 3KB - Virtual size: 65KB

.rsrc
Size: 163KB - Virtual size: 162KB