27380ba1937ea25090e2034ccb746fef5b162015d72239ad9198f45e346dcf96

Sharing

Copy URL

Twitter E-mail

General

Target

27380ba1937ea25090e2034ccb746fef5b162015d72239ad9198f45e346dcf96
Size

333KB
MD5

096e055873bed9b67a2adf0c672b534f
SHA1

c21bee00876e6ce6649716187024c03d88cfefbf
SHA256

27380ba1937ea25090e2034ccb746fef5b162015d72239ad9198f45e346dcf96
SHA512

ca3a1e5e721b54e207f80dbc032522b67c081961fb7866675761a06f67973509d39dc9c9501958ec156cee356b2dbce93bae0dbf8ee3e3dc9c4687bc73c4528b
SSDEEP

6144:rqOJiyNk9eiqOv4OqTFbc/eAQywDq21zfL51pQgj2OISXEes7S6x6:rjJiyusKqTFbchQu29TPpQgqO7sL

Score

N/A

Malware Config

Signatures

Files

27380ba1937ea25090e2034ccb746fef5b162015d72239ad9198f45e346dcf96
.exe windows x86

5e17ca40a4f6f1a4ec2d05984fc1876a

Code Sign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetProcessHeap
CreateFileA
SetFileTime
GetCommandLineA
LocalFileTimeToFileTime
DosDateTimeToFileTime
CreateDirectoryA
GetLastError
GetProcAddress
LoadLibraryA
HeapAlloc
RemoveDirectoryA
CreateEventA
ReadFile
WriteFile
FormatMessageA
GetFileAttributesA
DeleteFileA
MoveFileExA
TerminateProcess
ExitProcess
SetEnvironmentVariableA
GetEnvironmentVariableA
WideCharToMultiByte
GetCurrentProcess
CreateThread
WaitForSingleObject
GetSystemDirectoryA
GetDriveTypeA
GetDiskFreeSpaceA
GetSystemTime
SystemTimeToFileTime
GetCurrentDirectoryA
CloseHandle
CreateProcessA
GetExitCodeProcess
HeapFree
SetFilePointer
SetEvent

user32

SendDlgItemMessageA
EndDialog
LoadStringA
SendMessageA
ShowWindow
DialogBoxParamA
MessageBoxA

comctl32

ord17

advapi32

CryptAcquireContextA
CryptGenRandom
SetSecurityDescriptorDacl
GetLengthSid
AddAccessAllowedAce
InitializeAcl
InitializeSecurityDescriptor
CryptReleaseContext
GetTokenInformation
OpenProcessToken
AllocateAndInitializeSid

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

ntdll

_allmul
strstr
sprintf

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 302KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hhqg
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5e17ca40a4f6f1a4ec2d05984fc1876a

Code Sign

Signer

Headers

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

shell32

ntdll

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 512B - Virtual size: 66KB

.rsrc Size: 302KB - Virtual size: 1KB

.hhqg Size: 4KB - Virtual size: 4KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 512B - Virtual size: 66KB

.rsrc
Size: 302KB - Virtual size: 1KB

.hhqg
Size: 4KB - Virtual size: 4KB