a14a2c958c1d874727648919a9c25d021301b6124ea1b8bc164de7ed05c596fb

Sharing

Copy URL Twitter E-mail

General

Target

a14a2c958c1d874727648919a9c25d021301b6124ea1b8bc164de7ed05c596fb
Size

345KB
MD5

bd9d96c5c5b65f254536c48344f6d5e8
SHA1

e2fe577cbba9f832cc52e70d33ea6a21a50eb54c
SHA256

a14a2c958c1d874727648919a9c25d021301b6124ea1b8bc164de7ed05c596fb
SHA512

13785b234995a99cc1baf2be1bd709296d1456ef2bfd4fbc5f7912f8d7ac1e865c0dfd4c8c33f5c8a31359b20fb3ddd16bc516a101ce6a670a79f3ae6da96e2c
SSDEEP

6144:LX4qpolvhnKd6pX1I3hGtSHXfP5D1urp0nuEofgQ6acI1n8h3awcE9CH:zdE9fX1tOvzWpYuoan1nO9CH

Score

N/A

Malware Config

Signatures

Files

a14a2c958c1d874727648919a9c25d021301b6124ea1b8bc164de7ed05c596fb
.exe windows x86

e1ba2bb226dffcf2685992f0ec56e435

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndDialog
SetWindowPlacement
SetParent
GetDialogBaseUnits
SetForegroundWindow
GetDesktopWindow
WindowFromPoint
BringWindowToTop
IsWindow
IsChild
CascadeWindows
SetDlgItemTextA
GetWindowThreadProcessId

gdi32

DeleteObject
EnumObjects
AbortDoc
DrawEscape
CreateDiscardableBitmap
CancelDC
ExtCreateRegion
CreateFontW
AddFontResourceW
CopyMetaFileA
Arc

advapi32

RegCreateKeyExA
ClearEventLogW
GetOldestEventLogRecord
RegRestoreKeyA
RegisterEventSourceA
RegEnumKeyExA
RegQueryValueExA
PrivilegeCheck
AdjustTokenGroups

shlwapi

StrCSpnIW
StrSpnW
PathGetArgsW
SHRegQueryUSValueW
PathIsRootW
PathFindOnPathA
SHRegWriteUSValueW
StrRChrW
PathIsFileSpecA
PathStripToRootW
SHRegGetUSValueW
PathIsRelativeA
StrStrA
PathStripPathW

kernel32

LocalFlags
WritePrivateProfileStructA
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionA
GlobalFree
ResetEvent
GetStartupInfoA
GetUserDefaultLCID
HeapFree
HeapUnlock
PulseEvent
FoldStringA
GetSystemDefaultLangID
VirtualFreeEx
GetModuleHandleA
GetProcAddress
VirtualAllocEx
CompareStringA

credui

CredUIReadSSOCredW
CredUIParseUserNameA
CredUIParseUserNameW
CredUIStoreSSOCredW

msvcrt

_XcptFilter
_exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
exit

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 328KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1ba2bb226dffcf2685992f0ec56e435

Headers

File Characteristics

Imports

user32

gdi32

advapi32

shlwapi

kernel32

credui

msvcrt

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 328KB - Virtual size: 328KB

.data Size: 512B - Virtual size: 118KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 328KB - Virtual size: 328KB

.data
Size: 512B - Virtual size: 118KB

.rsrc
Size: 5KB - Virtual size: 4KB