d2fa776a6ba31db4f63a64fc224777ea2e74a60c32f66540511d995f9287f1c4

Sharing

Copy URL Twitter E-mail

General

Target

d2fa776a6ba31db4f63a64fc224777ea2e74a60c32f66540511d995f9287f1c4
Size

288KB
MD5

3d4590debc51a747d19a1c55afcf8547
SHA1

0ce4ff132a341b4002f19f8061464bf9a36b52d7
SHA256

d2fa776a6ba31db4f63a64fc224777ea2e74a60c32f66540511d995f9287f1c4
SHA512

64d67f68d86de4d66e57e3c91bf14d0c6f2cbbe646216809a8d94becc5ebdf907d1bdfc911ef5282d4b5d2c99886ce67cdf2344d74c538d302bffcbba511b2c1
SSDEEP

6144:SahiPaLgbRr0h5djCA5GjDP5m0/ocKLqdWNW:RiPxW595GDPbocKLLW

Score

N/A

Malware Config

Signatures

Files

d2fa776a6ba31db4f63a64fc224777ea2e74a60c32f66540511d995f9287f1c4
.exe windows x86

287154a8310d19718b352a389add6125

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
GetTapeParameters
LoadLibraryExW
OutputDebugStringA
GlobalGetAtomNameW
VirtualQuery
SetFileAttributesA
GetStringTypeExW
GetDriveTypeW
GetVolumeInformationW
SetLastError
ExpandEnvironmentStringsW
TryEnterCriticalSection
LoadLibraryExA
VirtualLock
WriteConsoleOutputW
GetConsoleCursorInfo
WritePrivateProfileSectionA
SwitchToFiber
DosDateTimeToFileTime
FillConsoleOutputCharacterA
DuplicateHandle
EraseTape
CreateMutexW
ReadConsoleA
WaitNamedPipeA
IsValidLocale
GetEnvironmentStringsW
FindResourceExW
GetPrivateProfileStringW
OpenFile
CreateDirectoryW
GetOverlappedResult
SetEndOfFile
ExitThread
SetTimeZoneInformation
GetEnvironmentVariableW
QueryDosDeviceW
SuspendThread
WriteFile
SystemTimeToFileTime
InitializeCriticalSection
GetVersion
FreeEnvironmentStringsA
DebugBreak
ReadFileScatter
CreateProcessA
ReadDirectoryChangesW
GetFileType
CloseHandle
SetThreadPriorityBoost
GetBinaryTypeA
SetEnvironmentVariableW
VirtualProtect
EnumCalendarInfoW
GetUserDefaultLCID
GetVersionExA
lstrcpyA
GetTapeStatus
FreeLibrary
IsBadReadPtr
WriteProcessMemory
ReadConsoleOutputA
WritePrivateProfileSectionW
AreFileApisANSI
lstrcatW
LoadResource
GlobalFree
ExitProcess
GetStartupInfoA
GenerateConsoleCtrlEvent
GetFileInformationByHandle
PurgeComm
FindResourceExA
lstrcmpiA
ReadConsoleInputW
GetModuleHandleA
_lread
SetConsoleOutputCP
PeekNamedPipe
SetConsoleCursorPosition
PrepareTape
GetSystemInfo
VirtualAlloc

user32

IsCharAlphaNumericA

gdi32

OffsetViewportOrgEx
GetMetaFileBitsEx
GetOutlineTextMetricsA
SetPixel
SetBkMode
GetStockObject

comdlg32

PageSetupDlgA
ChooseColorA

advapi32

MakeSelfRelativeSD
CryptSetKeyParam
RegSetValueW
QueryServiceStatus
AbortSystemShutdownW
RegConnectRegistryA
AllocateAndInitializeSid
LookupPrivilegeValueA
CopySid
RegCreateKeyExA
GetUserNameW
CryptGetHashParam
ClearEventLogW
CryptDecrypt
SetKernelObjectSecurity
RegDeleteKeyA
LookupAccountSidW
LookupPrivilegeValueW
UnlockServiceDatabase

shell32

SHGetSettings
SHAddToRecentDocs
ShellExecuteA
SHLoadInProc
SHGetSpecialFolderPathA

ole32

CoUninitialize
OleSave
OleSetClipboard
CoImpersonateClient
CoGetInterfaceAndReleaseStream

shlwapi

PathRenameExtensionW
PathCanonicalizeA
wnsprintfW
PathIsURLW
PathStripToRootA
SHOpenRegStream2W
PathIsSameRootW
StrCmpIW
PathRemoveFileSpecW

msvcrt

_controlfp
_except_handler3
_acmdln
exit
_XcptFilter
_exit
_initterm
__setusermatherr
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__getmainargs

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 272KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

287154a8310d19718b352a389add6125

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

msvcrt

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 272KB - Virtual size: 270KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 272KB - Virtual size: 270KB