b07c885122e92d4eca835e5b941b84456ccf110069adef0afe0b98f0df920732

Sharing

Copy URL Twitter E-mail

General

Target

b07c885122e92d4eca835e5b941b84456ccf110069adef0afe0b98f0df920732
Size

56KB
MD5

bdbb355fc3c06a6e9036ee34caa4f333
SHA1

497ad10232910c3b140abbe2046b9c43758d5337
SHA256

b07c885122e92d4eca835e5b941b84456ccf110069adef0afe0b98f0df920732
SHA512

e7976f37188b3c8148180c420066e7b8e6c1c5f51ef21faefd067b2fb6ea7608643e01719063d38a0fe0f16490ee2e800ad3f12243b471da59c243e0e0b7b9c4
SSDEEP

768:NHj96DJEXMlIWS4dz4EwGdPCjZr7h967SdI0KdbPE/xeAKWU0MbY:NHAuXJp4dz4udqZdI0sSxeFM

Score

N/A

Malware Config

Signatures

Files

b07c885122e92d4eca835e5b941b84456ccf110069adef0afe0b98f0df920732
.exe windows x86

3d676e1804184ea1367db8829716fb63

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

AnyPopup
FindWindowA
SetForegroundWindow
SetCapture
UpdateWindow
ShowWindow

kernel32

LocalAlloc
GlobalLock
GetEnvironmentStrings
LockResource
CreateEventW
GetExitCodeProcess
LCMapStringA
GetVersionExW
FlushFileBuffers
lstrlenW
CreateThread
WaitForSingleObjectEx
InterlockedExchange
GetFileAttributesW
InterlockedDecrement
FreeEnvironmentStringsW
LoadResource
WriteFileEx
TlsSetValue
GetFileSize
DeleteFileA
SetErrorMode
TlsGetValue
MultiByteToWideChar
GetStartupInfoW
SetStdHandle
HeapSize
WriteFile
GetLocaleInfoA
WaitForMultipleObjectsEx
GetStringTypeA
TryEnterCriticalSection
GetStringTypeW
InterlockedCompareExchange
FreeEnvironmentStringsA
SetHandleCount
RegisterWaitForSingleObject
GlobalUnlock
FormatMessageW
InitializeCriticalSectionAndSpinCount
SizeofResource
GetFileType
WaitForSingleObject
InterlockedIncrement
LCMapStringW
CreateProcessA
SetFilePointer
TlsFree
GetThreadLocale
GetFileAttributesA
DeleteFileW
CompareStringW
VirtualAlloc
GetModuleHandleW
GetLastError
SetEvent
GetModuleFileNameW

gdi32

CreateRectRgn
CreateFontIndirectW
CreateDCA
CreateSolidBrush
CreatePolygonRgn

setupapi

SetupUninstallOEMInfA

advapi32

RegCreateKeyW
GetNumberOfEventLogRecords
CloseEventLog
DuplicateTokenEx
ClearEventLogA
DeregisterEventSource
RegDeleteKeyW
InitiateSystemShutdownA
RegCreateKeyA
RegCreateKeyExW
AdjustTokenPrivileges
GetUserNameA
BackupEventLogA
ReadEventLogW
IsValidSid
RegEnumKeyExW
ControlService
GetLengthSid
ImpersonateLoggedOnUser
GetOldestEventLogRecord
GetFileSecurityA
CloseServiceHandle
GetUserNameW
ImpersonateSelf
CreateProcessAsUserA
RegConnectRegistryW
GetTokenInformation
DuplicateToken

msvcrt

__wgetmainargs
__p__commode
_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
_exit
_XcptFilter
exit
_wcmdln
_adjust_fdiv
_initterm
__setusermatherr
__p__fmode

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d676e1804184ea1367db8829716fb63

Headers

File Characteristics

Imports

user32

kernel32

gdi32

setupapi

advapi32

msvcrt

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 32KB - Virtual size: 112KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 32KB - Virtual size: 112KB

.rsrc
Size: 8KB - Virtual size: 6KB