d5f2a310e767bb1350145cbff68cf87ec0c8ee737fdab75ccbc311b9f9c9977d

General

Target

d5f2a310e767bb1350145cbff68cf87ec0c8ee737fdab75ccbc311b9f9c9977d
Size

25KB
MD5

ca2cc3a231ac7d687238c8280c0ad580
SHA1

4da9a674b81fa1b716c90a6bf68adfea82c78998
SHA256

d5f2a310e767bb1350145cbff68cf87ec0c8ee737fdab75ccbc311b9f9c9977d
SHA512

dfd008d5bb1e697b78ecf3b824eaaec293adb403d246f47236e152263816749503b59d9dbf71f66cf03a432b9507819229845fd32f3015143883779613c54e1b
SSDEEP

384:rbZyWGOOntvlIOL5YFPDMN5dDJa/CJZgEapaSzti6aLch7U2txYR7:rVyWGtnMOVIu5lJqIZgEwzzmvYxO7

Score

N/A

Malware Config

Signatures

Files

d5f2a310e767bb1350145cbff68cf87ec0c8ee737fdab75ccbc311b9f9c9977d
.exe windows x86

9ed8c6bab18e245d326179feed8a6e49

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

_snwprintf
RtlInitUnicodeString
_chkstk

advapi32

ConvertSidToStringSidW
GetTokenInformation
OpenProcessToken

kernel32

lstrcpyA
CopyFileA
VirtualQuery
GetCurrentProcess
Sleep
GetProcAddress
LoadLibraryA
GetModuleHandleA
VirtualProtect
ExitProcess
GetComputerNameA
GetTempFileNameW
CreateFileA
GetFileSize
SetPriorityClass
SetFilePointer
lstrlenA
MoveFileExA
WaitForSingleObject
GetTickCount
VirtualFree
GetProcessHeap
WriteFile
GetCommandLineA
GetVolumeInformationA
TerminateProcess
ReadFile
lstrcatA
ExitThread
MultiByteToWideChar
SetThreadPriority
GetTempPathW
GetShortPathNameA
SetCurrentDirectoryA
GetLastError
SetLastError
lstrcmpiA
VirtualAlloc
CloseHandle
OpenMutexA
LocalAlloc
GetSystemInfo
GetModuleFileNameA
lstrcmpiW
CreateMutexA
GetVersionExA
WinExec

user32

LoadCursorA
FindWindowA
UpdateWindow
SetWindowTextA
GetSystemMetrics
DispatchMessageA
ShowWindow
DefWindowProcA
CreateWindowExA
MessageBoxA
TranslateMessage
wsprintfW
BeginPaint
RegisterWindowMessageA
SendMessageA
SetFocus
wsprintfA
CharUpperA
LoadIconA
GetTopWindow
GetClassInfoExA
PostQuitMessage
RegisterClassExA
CreateDialogParamA
GetMessageA
EndPaint

shell32

SHGetFolderPathA

ole32

OleInitialize

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 568B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ed8c6bab18e245d326179feed8a6e49

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

advapi32

kernel32

user32

shell32

ole32

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 3KB - Virtual size: 29KB

.rsrc Size: 1024B - Virtual size: 568B

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 3KB - Virtual size: 29KB

.rsrc
Size: 1024B - Virtual size: 568B