f9bbec35c03c1c26795ddb0abb1e70c7b8ca3fc6b0f804eade936efe9ccaa9b2

General

Target

f9bbec35c03c1c26795ddb0abb1e70c7b8ca3fc6b0f804eade936efe9ccaa9b2
Size

76KB
MD5

1506afe2461a4f24cf20b03583549351
SHA1

1ee3b1f7b5b7434a247b8b0ea73a4069a91e8310
SHA256

f9bbec35c03c1c26795ddb0abb1e70c7b8ca3fc6b0f804eade936efe9ccaa9b2
SHA512

1ccd78c15d9059f6aa72e060f79617eb9ee6b9e49ef245f0d7e7fda72d57571458ea773d39135f2bef61171e8343b71c74ab4827b089382e1e0302d3333144f4
SSDEEP

1536:yDUdmuvami8utpGdjGmjeYMATMydobVOs:v9vAr3ydoM

Score

N/A

Malware Config

Signatures

Files

f9bbec35c03c1c26795ddb0abb1e70c7b8ca3fc6b0f804eade936efe9ccaa9b2
.exe windows x86

a4e5ec06473e94dcf7b059e1a3b9d85f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetWindowsDirectoryA
CreateRemoteThread
WriteProcessMemory
VirtualProtectEx
VirtualAllocEx
GetModuleFileNameA
GetModuleHandleA
GetFileTime
HeapFree
CreateMutexA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetStdHandle
GetOEMCP
GetCPInfo
SetFilePointer
GetCurrentProcess
lstrcmpiA
FindFirstFileA
FindNextFileA
FindClose
CreateToolhelp32Snapshot
Process32First
GetCurrentDirectoryA
GetLastError
OpenProcess
GetShortPathNameA
GetLongPathNameA
Process32Next
GetVersionExA
GetACP
CreateFileA
GlobalAlloc
DeviceIoControl
GlobalFree
CloseHandle
LoadLibraryA
GetProcAddress
lstrcpyA
GetSystemDirectoryA
lstrcatA
CreateDirectoryA
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
FlushFileBuffers

advapi32

LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges
GetUserNameA
RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

iphlpapi

GetAdaptersInfo

psapi

EnumProcesses
EnumProcessModules
GetModuleFileNameExA

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a4e5ec06473e94dcf7b059e1a3b9d85f

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

iphlpapi

psapi

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 18KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 18KB