ef99abc4ab1e0a7c1c560e99341e345104ad1b42cdd94d1461a6c634120c4de3

Sharing

Copy URL

Twitter E-mail

General

Target

ef99abc4ab1e0a7c1c560e99341e345104ad1b42cdd94d1461a6c634120c4de3
Size

104KB
MD5

eeeba1d30bd74fbef52ae31e25786a87
SHA1

689c2481fd6c8138d69769ed2c348ff533dff388
SHA256

ef99abc4ab1e0a7c1c560e99341e345104ad1b42cdd94d1461a6c634120c4de3
SHA512

0ca927790b24753077c6ec34b48ec968229276fa27ad4be010871e0ee44c39ffd180bde7f0b4becf5e249b8e0e559b278de52c3ef1825372f9b23b826193782a
SSDEEP

3072:BQN/fHn++vvQcu1F6H8bObYAc6RmDPKK7DdqLo:OXHnoc6IHiObBYDyMUo

Score

N/A

Malware Config

Signatures

Files

ef99abc4ab1e0a7c1c560e99341e345104ad1b42cdd94d1461a6c634120c4de3
.exe windows x86

c4aedb1930d7db179e083f6b263c5018

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegLoadKeyW
RegReplaceKeyA
RegEnumKeyExW
RegFlushKey
RegOpenKeyW
RegQueryInfoKeyA
RegEnumKeyA
RegQueryValueExW
RegLoadKeyA
RegQueryValueA
RegOpenKeyExA
RegEnumKeyW
RegQueryValueExA
RegCreateKeyExW
RegQueryValueW
RegOpenKeyExW
RegReplaceKeyW
RegDeleteValueW
RegCreateKeyW
RegQueryValueExW
RegDeleteKeyW
RegQueryInfoKeyA
RegReplaceKeyA
RegEnumKeyA
RegEnumKeyExW
RegCreateKeyExA
RegQueryValueA
RegOpenKeyExA
RegDeleteValueA
RegQueryValueW
RegCreateKeyW
RegDeleteKeyA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExW
RegDeleteValueW
RegLoadKeyA
RegQueryValueExA
RegEnumKeyA
RegCreateKeyExW
RegQueryValueW
RegDeleteKeyW
RegEnumValueA
RegOpenKeyW
RegGetKeySecurity
RegQueryValueExW
RegDeleteValueW
RegQueryInfoKeyA
RegLoadKeyW
RegReplaceKeyW
RegEnumKeyExA
RegEnumValueW
RegOpenKeyExA
RegReplaceKeyA
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueA
RegEnumKeyW

comctl32

ImageList_Copy
ImageList_ReplaceIcon
ImageList_LoadImageW
ImageList_Read
ImageList_LoadImage
ImageList_Remove
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_GetIconSize
ImageList_Destroy
ImageList_GetImageRect
ImageList_AddMasked
ImageList_Draw
ImageList_Create
ImageList_GetDragImage
ImageList_Merge
ImageList_GetIcon
ImageList_GetImageInfo
InitCommonControls
ImageList_BeginDrag
ImageList_DragMove
ImageList_DragLeave
ImageList_BeginDrag
ImageList_AddIcon
ImageList_Create
ImageList_LoadImage
ImageList_Read
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_GetImageRect
ImageList_GetDragImage
ImageList_Draw
ImageList_GetImageInfo
ImageList_DragLeave
InitCommonControls
ImageList_DragShowNolock
ImageList_Replace
ImageList_DrawIndirect
ImageList_Destroy
ImageList_Merge
ImageList_DrawEx
ImageList_AddIcon
ImageList_GetImageCount
ImageList_EndDrag
ImageList_AddMasked
ImageList_GetIcon
ImageList_GetDragImage
ImageList_LoadImageA
ImageList_DragMove
ImageList_GetIconSize
ImageList_Read
ImageList_GetImageInfo
ImageList_ReplaceIcon
ImageList_Copy
ImageList_Create
ImageList_DrawEx
ImageList_Remove
InitCommonControls
ImageList_GetImageRect
ImageList_LoadImage
ImageList_Draw

kernel32

DeleteFileW
GetFileSize
CreateProcessA
WriteFile
CopyFileExA
SetLastError
GlobalFree
GetComputerNameA
GetStdHandle
OpenFile
CreateDirectoryA
CopyFileW
ExitThread
GetFileTime
FindAtomA
ReadFile
GetFileTime
ReadConsoleA
GetComputerNameA
OpenFileMappingA
CopyFileExW
CopyFileW
WriteFile
DeleteFileA
FindAtomA
Sleep
GetCommandLineA
CreateProcessA
GlobalFree
OpenFile
GetLastError
CopyFileA
CopyFileExA
ExitThread
GetConsoleMode
DeleteAtom
GetFileSize
CreateDirectoryA
FindFirstFileA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4aedb1930d7db179e083f6b263c5018

Headers

File Characteristics

Imports

advapi32

comctl32

kernel32

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 94KB - Virtual size: 168KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 94KB - Virtual size: 168KB