f2213cd984ada148fe10e71783bbe353b699c249ef92e7f8cfa7ed41992f0b2e

Sharing

Copy URL Twitter E-mail

General

Target

f2213cd984ada148fe10e71783bbe353b699c249ef92e7f8cfa7ed41992f0b2e
Size

172KB
MD5

32f9b05e527e0f37a61bd7f549866001
SHA1

084a0b6329b187476fd9893df92607eabb3904a9
SHA256

f2213cd984ada148fe10e71783bbe353b699c249ef92e7f8cfa7ed41992f0b2e
SHA512

be199f1225db98bb8d8d4c8aea2edf72028a18b0412d7c6cfa4431cfe61dc4995984a8d0841302b37f16e1bfdc368341f658aca527fdd0131a720c776db4969c
SSDEEP

1536:22RsBzzBykMcJGVEkyAIX1l9YcW+wavzkxrCvS0dCJzGcZe6/zEY:5Rkkyll9YHMIxZZVr

Score

N/A

Malware Config

Signatures

Files

f2213cd984ada148fe10e71783bbe353b699c249ef92e7f8cfa7ed41992f0b2e
.exe windows x86

16313dfd9e7e4ecd21b9fc330e483585

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
Process32Next
Process32First
CreateToolhelp32Snapshot
FindClose
SetFileAttributesA
GetSystemDirectoryA
Sleep
TerminateProcess
GetWindowsDirectoryA
GetCurrentThread
GetProcessVersion
GetFileAttributesA
CreateFileA
RemoveDirectoryA
FindNextFileA
DeleteFileA
FindFirstFileA
FlushFileBuffers
WriteFile
LockResource
SizeofResource
LoadResource
FindResourceA
CreateProcessA
GetModuleFileNameA
SetEvent
CreateThread
GetCurrentProcessId
FreeLibrary
CreateEventA
GetLocaleInfoA
CreateMutexA
ReadFile
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetStdHandle
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
HeapAlloc
SetFilePointer
HeapFree
VirtualFree
GetStringTypeW
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
OpenProcess
VirtualAllocEx
WriteProcessMemory
GetModuleHandleA
GetProcAddress
CreateRemoteThread
WaitForSingleObject
VirtualFreeEx
GetCurrentProcess
GetLastError
CloseHandle
SuspendThread
OutputDebugStringA
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
ExitProcess
GetVersion
GetCommandLineA
RtlUnwind
GetStartupInfoA

user32

RegisterWindowMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
IsDialogMessageA
CreateDialogParamA
SetWindowTextA
MoveWindow
ShowWindow
SendMessageA
KillTimer
LoadMenuA
GetSubMenu
ModifyMenuA
GetCursorPos
SetForegroundWindow
TrackPopupMenu
DestroyMenu
PostQuitMessage
LoadIconA
SetTimer
UnhookWindowsHookEx
SetWindowsHookExA
SetWindowLongA

advapi32

RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegFlushKey
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenThreadToken
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

shell32

Shell_NotifyIconA

psapi

EnumProcessModules
GetModuleFileNameExA

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16313dfd9e7e4ecd21b9fc330e483585

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

psapi

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 18KB

.rsrc Size: 116KB - Virtual size: 114KB

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 18KB

.rsrc
Size: 116KB - Virtual size: 114KB