bca657f2c6d4d1530367992f808be01f8d7caf39eb6e6f630f4a12f33b1bfa20

General

Target

bca657f2c6d4d1530367992f808be01f8d7caf39eb6e6f630f4a12f33b1bfa20
Size

44KB
MD5

ea31565faa061af8ebe79762904742ac
SHA1

f921847f99399f7cf7e103b3fbdff7e1391e63c3
SHA256

bca657f2c6d4d1530367992f808be01f8d7caf39eb6e6f630f4a12f33b1bfa20
SHA512

885740a9bf9592b00f256ee8d2632dc87b524032007270bfd86c93be0211719250584328a57fbd22caac9ef87fe81e52928afc03b248e6bb178f9e20258d23df
SSDEEP

384:Gq97xcKd1/l31NGQxkMsdaAX2uDRgCMZyy1Jm7w8v+aPsEZPo15:DvpDG2kF2uZIyoJmcu+aPsWPo

Score

N/A

Malware Config

Signatures

Files

bca657f2c6d4d1530367992f808be01f8d7caf39eb6e6f630f4a12f33b1bfa20
.exe windows x86

facd1ce67e832e101cee24aa6eaca861

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
FreeEnvironmentStringsA
lstrlenA
GetEnvironmentStrings
Sleep
GetProcAddress
LoadLibraryA
GetFileAttributesA
lstrcatA
GetModuleFileNameA
GetModuleHandleA
DeleteFileA
GetSystemDirectoryA
GetCurrentProcess
GetWindowsDirectoryA
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
ResumeThread
SuspendThread
DuplicateHandle
OpenProcess
GetStringTypeA
LCMapStringW
CreateFileA
CloseHandle
WriteFile
GetEnvironmentVariableA
LCMapStringA
MultiByteToWideChar
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
GetStringTypeW

user32

wsprintfA

advapi32

OpenProcessToken
GetTokenInformation
LookupAccountSidA
LookupPrivilegeValueA
AdjustTokenPrivileges

shell32

StrCmpNIA

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

facd1ce67e832e101cee24aa6eaca861

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 16B

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 16B