d9c9008c82bdbb175a7b0d380eb360d470716cfa5f42b9548757739a63688c47

General

Target

d9c9008c82bdbb175a7b0d380eb360d470716cfa5f42b9548757739a63688c47
Size

79KB
MD5

be60e5389cd89a16607713b305cc6ee8
SHA1

499a118217694268b1f2e4c6292e01af3c664949
SHA256

d9c9008c82bdbb175a7b0d380eb360d470716cfa5f42b9548757739a63688c47
SHA512

d43f565ce6acab5d5599e1cfc4575ab9cabe8957ab41264d24cff7b197325b3f5caa3569cca48ebcc358898ffca7ff6637c46ba70f3eb13a91416ce5284885c3
SSDEEP

1536:iwnKOC2s/3bzoNoypiwi0BcAmBqFnToIfTOo3jQ+5:DnKOCfbzoNooi0BcAJtTBfTOo3N5

Score

N/A

Malware Config

Signatures

Files

d9c9008c82bdbb175a7b0d380eb360d470716cfa5f42b9548757739a63688c47
.exe windows x86

f80be00f8fee1d899538f3c9c5b1dbd3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
GetModuleFileNameA
GetTickCount
GetCurrentDirectoryA
GetTempPathA
Sleep
FreeResource
SizeofResource
LoadResource
FindResourceA
GetSystemDirectoryA
ExitProcess
WaitForSingleObject
CreateRemoteThread
LoadLibraryA
VirtualFreeEx
WriteProcessMemory
VirtualAllocEx
lstrlenA
OpenProcess
CreateProcessA
MoveFileA
DeleteFileA
GetCurrentThreadId
GetModuleHandleA
GetStartupInfoA
GetProcAddress
lstrcmpiA
GetVersionExA
GetCurrentProcess
GetSystemInfo

user32

PostMessageA
GetMessageA
SetProcessWindowStation
OpenDesktopA
SetThreadDesktop
PostThreadMessageA
GetInputState
OpenWindowStationA
wsprintfA
GetSystemMetrics
FindWindowA

advapi32

RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey

shell32

ShellExecuteA

msvcrt

_strrev
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_controlfp
_stricmp
_except_handler3
__setusermatherr
_initterm
memset
sprintf
strlen
rename
_exit
_XcptFilter
exit
_acmdln
__getmainargs

psapi

GetModuleBaseNameA
EnumProcesses
EnumProcessModules

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f80be00f8fee1d899538f3c9c5b1dbd3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msvcrt

psapi

Sections

.text Size: 9KB - Virtual size: 9KB

.rsrc Size: 69KB - Virtual size: 68KB

.text
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 69KB - Virtual size: 68KB