761be14f744c6279a39b3e16b382c836e549e7f200915b2a33425b0f4eca4437

General

Target

761be14f744c6279a39b3e16b382c836e549e7f200915b2a33425b0f4eca4437
Size

32KB
MD5

f7ea287200db94cb301e21a12c094a83
SHA1

b486ff78e8471ef5ada48ad246f75136397c9572
SHA256

761be14f744c6279a39b3e16b382c836e549e7f200915b2a33425b0f4eca4437
SHA512

feb98a2aea956c690689ecaedb1142534a9b9489bc14c3ae0f76b13716f3cdf8cea8381eac58ddeb30948bc23eae1ea15269c62c2d09c1d460e9afacce498874
SSDEEP

768:IRjMOvaGW73sdbTIilNkZTLQzxLEoRUybKdAz:gaGW73sIGNEdoRCdc

Score

N/A

Malware Config

Signatures

Files

761be14f744c6279a39b3e16b382c836e549e7f200915b2a33425b0f4eca4437
.exe windows x86

ae77e351c9220eec27996ce1cc481900

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
WaitForSingleObject
CreateProcessA
HeapAlloc
ExitProcess
DeleteFileA
GetPrivateProfileStringA
Sleep
CloseHandle
CreateRemoteThread
HeapFree
GetProcessHeap
WaitForDebugEvent
CreateThread
GetLastError
DebugActiveProcess
GetModuleFileNameA
VirtualFreeEx
GetExitCodeThread
WriteProcessMemory
VirtualAllocEx
GetCurrentProcess
WritePrivateProfileStringA
GetModuleHandleA
GetProcAddress
ContinueDebugEvent
GetWindowsDirectoryA
GetVersion
GetCommandLineA
VirtualProtect
TerminateProcess
RtlUnwind
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
SetFilePointer
GetStringTypeA
GetStringTypeW
VirtualAlloc
LoadLibraryA
FlushFileBuffers
SetStdHandle
SetConsoleMode
ReadConsoleInputA
GetConsoleMode
CreateFileA
LCMapStringA
LCMapStringW

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenProcessToken
GetTokenInformation
LookupAccountSidA

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 959B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae77e351c9220eec27996ce1cc481900

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 1024B - Virtual size: 959B

.data Size: 6KB - Virtual size: 12KB

.idata Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 1024B - Virtual size: 959B

.data
Size: 6KB - Virtual size: 12KB

.idata
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB