ca16e6a929b4b3f96b356dbbd6813266b645427818a7d8e6f1ead03219586178

Sharing

Copy URL Twitter E-mail

General

Target

ca16e6a929b4b3f96b356dbbd6813266b645427818a7d8e6f1ead03219586178
Size

143KB
MD5

7bcf6125ed0369d94906ca4c25fce919
SHA1

7a674cb1df426e5d3fc0af6795fff2179d29ef00
SHA256

ca16e6a929b4b3f96b356dbbd6813266b645427818a7d8e6f1ead03219586178
SHA512

be999de6ea46b414722288d12ed7fa3404a68df4b979b423723ffac880983c5118dc50f62eac124386b88b8f80537a81617115cebd05fb691e9fa8a2e4664603
SSDEEP

3072:k2cR2Sa8HOqaqHLRIOwNIrI/vrCl3V9ft7n0ExLmWOf:HSa8HO2Lv/rIXOD9NnTxLmWU

Score

N/A

Malware Config

Signatures

Files

ca16e6a929b4b3f96b356dbbd6813266b645427818a7d8e6f1ead03219586178
.exe windows x86

b7bf572d5b2230d397aa5ac61b8d70c9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SystemTimeToFileTime
GetVersion
LoadLibraryExW
GetACP
RtlUnwind
GetStdHandle
FreeEnvironmentStringsW
GetFileAttributesA
GetModuleHandleW
VirtualAlloc
Sleep
OpenMutexW
CreateProcessA
IsBadReadPtr
lstrcpyA
GetTempPathA
GetLastError
QueryPerformanceCounter
WaitForSingleObject
CreateFileA
ResumeThread
GetCommandLineW
GetFileAttributesW
HeapDestroy
GetTickCount
GetProcessHeap
GetThreadLocale
FindResourceA
FreeEnvironmentStringsA
LoadResource
GetCommandLineA
IsBadWritePtr
GetCurrentProcess
OpenEventA
CreateEventW
GetStartupInfoA

advapi32

CryptCreateHash
OpenThreadToken
FreeSid
SetSecurityDescriptorOwner
GetUserNameW
GetTraceEnableFlags
RegCloseKey
GetSecurityDescriptorControl
CryptAcquireContextW
GetSidSubAuthority
RegOpenKeyA
GetLengthSid
RegSetValueExA
GetSidSubAuthorityCount
RegQueryValueA
GetTraceEnableLevel
RegDeleteKeyA
LsaQueryInformationPolicy
RegQueryValueExW
CryptReleaseContext
GetSidIdentifierAuthority
LockServiceDatabase
RegCreateKeyA
GetTokenInformation
RegCreateKeyExA
SetNamedSecurityInfoW
AllocateAndInitializeSid
OpenServiceW
QueryServiceStatus
ReportEventW
RegQueryValueExA

user32

IsWindowEnabled
ExitWindowsEx
ScreenToClient
SetWindowTextA
GetMessageA
GetSysColorBrush
CheckMenuItem
LoadCursorA
GetSystemMetrics
GetMenu
GetSubMenu
GetMessagePos
SetWindowTextW
CharUpperW
LoadIconW
PostMessageA
IsIconic
GetCapture
CopyRect
UnhookWindowsHookEx
GetDlgItemTextW
SetWindowLongA
CreatePopupMenu
SetCapture
IsWindowVisible
GetWindowRect
DialogBoxParamA
GetClassNameA
RegisterWindowMessageA
DrawTextW
MessageBeep
WinHelpW
CharNextA
CreateDialogParamW
KillTimer
IntersectRect
DialogBoxParamW
EndPaint
EndDialog
SetTimer
CallWindowProcA
RegisterClassExA
GetDesktopWindow
RegisterClassExW
LoadIconA

msvcrt

_snprintf
iswdigit
_finite
fread
fflush
_rotl
atoi
_commit
exit
__initenv
_strnicmp
_tell
rand
_iob
strrchr
_CxxThrowException
_stat
_write
__p__iob
_amsg_exit
_rotr

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textbss
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 225B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 135B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 65B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbss
Size: 512B - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 133B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7bf572d5b2230d397aa5ac61b8d70c9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

msvcrt

Sections

.text Size: 132KB - Virtual size: 131KB

.textbss Size: 512B - Virtual size: 268B

DATA Size: 512B - Virtual size: 123KB

.bss Size: 512B - Virtual size: 225B

.tls Size: 512B - Virtual size: 135B

.tls Size: 512B - Virtual size: 65B

.textbss Size: 512B - Virtual size: 37KB

.bss Size: 512B - Virtual size: 133B

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 132KB - Virtual size: 131KB

.textbss
Size: 512B - Virtual size: 268B

DATA
Size: 512B - Virtual size: 123KB

.bss
Size: 512B - Virtual size: 225B

.tls
Size: 512B - Virtual size: 135B

.tls
Size: 512B - Virtual size: 65B

.textbss
Size: 512B - Virtual size: 37KB

.bss
Size: 512B - Virtual size: 133B

.rsrc
Size: 6KB - Virtual size: 6KB