ef978a64f5029f88345b8e623ea8b5a7ad9e2035e47c09c86f7a58e7f89d4195

Sharing

Copy URL

Twitter E-mail

General

Target

ef978a64f5029f88345b8e623ea8b5a7ad9e2035e47c09c86f7a58e7f89d4195
Size

155KB
MD5

f3d7a2bf6243d92a9e9517c05b0cb752
SHA1

fb054b180b224649d6d9f01446b99762a03e05d3
SHA256

ef978a64f5029f88345b8e623ea8b5a7ad9e2035e47c09c86f7a58e7f89d4195
SHA512

331163ed70633be5c64426f2f22ff7c07c19e0547cc7ae24fd424c9d64f06a61ac24c85179883158c1a17c8360c382c2b06ad37e93ee9dabb1ac9de5576035fa
SSDEEP

3072:Rzr1NrFclCMF8BNCA6GVafIrjhfPre8wwALf536:RNJ+lCMFysAUKaR3

Score

N/A

Malware Config

Signatures

Files

ef978a64f5029f88345b8e623ea8b5a7ad9e2035e47c09c86f7a58e7f89d4195
.exe windows x86

5a59a0db239c32d900af243fc001acb5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
VirtualAlloc
CreateFileA
LeaveCriticalSection
EnterCriticalSection
ExpandEnvironmentStringsA
GetCurrentThreadId
SetUnhandledExceptionFilter
GetTickCount
QueryPerformanceCounter
SetLastError
LocalFree
FormatMessageA
SetConsoleCtrlHandler
GetLastError
UnhandledExceptionFilter
GetModuleHandleA
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
CreateProcessA
SearchPathA
GetStartupInfoA
GetModuleFileNameW
GetShortPathNameW
lstrcatW
lstrlenW
DeleteFileW
WriteFile
CloseHandle
CreateSemaphoreW
CreateFileW
GetVersionExW

user32

GetSystemMetrics

gdi32

GetStockObject
GetObjectW
SetTextColor
SetBkMode
CreatePen
SelectObject
Polyline
DeleteObject
CreateFontIndirectW

msvcrt

_except_handler3
_c_exit
_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_vsnwprintf
__set_app_type
_controlfp
setlocale
mbstowcs

advapi32

RegOpenKeyW
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCreateKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
OpenProcessToken

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data25
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data24
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data23
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data21
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data20
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data19
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data5
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text14
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text13
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text12
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text6
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text5
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 780B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a59a0db239c32d900af243fc001acb5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

advapi32

Sections

.text Size: 9KB - Virtual size: 9KB

.data25 Size: 512B - Virtual size: 500B

.data24 Size: 512B - Virtual size: 500B

.data23 Size: 512B - Virtual size: 500B

.data21 Size: 512B - Virtual size: 500B

.data20 Size: 512B - Virtual size: 500B

.data19 Size: 512B - Virtual size: 500B

.data5 Size: 114KB - Virtual size: 114KB

.data Size: 2KB - Virtual size: 2KB

.text14 Size: 512B - Virtual size: 12B

.text13 Size: 512B - Virtual size: 16B

.text12 Size: 512B - Virtual size: 16B

.text6 Size: 1KB - Virtual size: 1KB

.text5 Size: 1KB - Virtual size: 1KB

.rsrc Size: 19KB - Virtual size: 18KB

.reloc Size: 1024B - Virtual size: 780B

.text
Size: 9KB - Virtual size: 9KB

.data25
Size: 512B - Virtual size: 500B

.data24
Size: 512B - Virtual size: 500B

.data23
Size: 512B - Virtual size: 500B

.data21
Size: 512B - Virtual size: 500B

.data20
Size: 512B - Virtual size: 500B

.data19
Size: 512B - Virtual size: 500B

.data5
Size: 114KB - Virtual size: 114KB

.data
Size: 2KB - Virtual size: 2KB

.text14
Size: 512B - Virtual size: 12B

.text13
Size: 512B - Virtual size: 16B

.text12
Size: 512B - Virtual size: 16B

.text6
Size: 1KB - Virtual size: 1KB

.text5
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 19KB - Virtual size: 18KB

.reloc
Size: 1024B - Virtual size: 780B