e03766ab2465aac76bdee34de810db53720ac4dc8c49479a67335f8df54dd8fe

Sharing

Copy URL Twitter E-mail

General

Target

e03766ab2465aac76bdee34de810db53720ac4dc8c49479a67335f8df54dd8fe
Size

171KB
MD5

aed809e701a948c3b3f1ec265d9c6b8d
SHA1

3d591ec097660df000b66a8082e2ca16024ab9e9
SHA256

e03766ab2465aac76bdee34de810db53720ac4dc8c49479a67335f8df54dd8fe
SHA512

82642ad110bb1d03a15a9f8dd1aa0b4f300f5db6a078c6efed1da3a5ef34822847772905f28c573b170f9221567bc7add99f903f0114fb034db8e414ff1fd10d
SSDEEP

1536:EqJKsRwhe9+fifYT9bFSoOYa7l0atABvMcM+g6gOecseho:EqE4Ut9b4ZYTatABEN+g6gOecseho

Score

N/A

Malware Config

Signatures

Files

e03766ab2465aac76bdee34de810db53720ac4dc8c49479a67335f8df54dd8fe
.exe windows x86

45d348c7b73a754a9978bf6ba8993a2a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

SetSecurityDescriptorDacl
RegSetValueExW
FreeSid
CloseServiceHandle
AdjustTokenPrivileges
GetLengthSid
RegCloseKey
RegQueryValueExW
RegCreateKeyExA
InitializeSecurityDescriptor
RegEnumKeyExW
RegQueryValueExA
RegEnumValueW
FreeSid
RegOpenKeyExA
SetSecurityDescriptorDacl
RegSetValueExW
RegOpenKeyExW
AddAccessAllowedAce
RegEnumKeyExW
CloseServiceHandle
RegCloseKey
AllocateAndInitializeSid
InitializeAcl
RegEnumValueW
SetSecurityDescriptorDacl
RegEnumValueW
RegQueryInfoKeyW
RegCloseKey
RegEnumKeyExW
InitializeAcl
RegQueryValueExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegQueryValueExA
RegQueryInfoKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyW
RegDeleteValueW
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
FreeSid
RegDeleteValueW
RegOpenKeyW
RegQueryValueExW
RegEnumValueW
GetTokenInformation
FreeSid
RegOpenKeyExA
GetTokenInformation
GetLengthSid
RegDeleteValueW
RegEnumKeyExW
RegSetValueExW
FreeSid
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
RegQueryInfoKeyW
AddAccessAllowedAce
InitializeAcl
GetTokenInformation
AllocateAndInitializeSid
OpenThreadToken
AddAccessAllowedAce
RegQueryValueExW
RegOpenKeyExW
FreeSid
InitializeSecurityDescriptor
OpenProcessToken
CloseServiceHandle
RegSetValueExA

user32

GetDlgItemTextW
PostQuitMessage
SendDlgItemMessageW
CreateWindowExW
MapWindowPoints
GetMenu
EndPaint
TranslateMessage
CreateDialogParamW
BeginPaint
ScreenToClient
GetClientRect
SetCapture
PostMessageW
OffsetRect
EndPaint
IsDialogMessageW
GetSystemMetrics
IsIconic
IsWindow
MessageBoxA
MapWindowPoints
GetWindow
DestroyIcon
RegisterClassExW
GetMenu
TranslateMessage
GetWindow
IsWindowVisible
LoadStringA
InvalidateRect
MessageBeep
GetSystemMenu
ReleaseDC
FindWindowW
GetDlgItemTextW
RegisterClassExW
WinHelpW
CheckDlgButton
InvalidateRect
SetWindowPos
RegisterClassW

kernel32

GetCurrentProcess
QueryPerformanceCounter
ReadFile
LocalFree
CloseHandle
GetCurrentProcess
SetUnhandledExceptionFilter
QueryPerformanceCounter
SetLastError
HeapAlloc

Sections

Size: 148KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�vmp0
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

�reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

45d348c7b73a754a9978bf6ba8993a2a

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

Size: 148KB - Virtual size: 160KB

Size: 3KB - Virtual size: 4KB

Size: 1024B - Virtual size: 4KB

�vmp0 Size: 3KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 4KB

�reloc Size: 3KB - Virtual size: 4KB

�reloc Size: 2KB - Virtual size: 4KB

�reloc Size: 1KB - Virtual size: 4KB

�reloc Size: 4KB - Virtual size: 4KB

�reloc Size: 2KB - Virtual size: 4KB

�vmp0
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 4KB

�reloc
Size: 3KB - Virtual size: 4KB

�reloc
Size: 2KB - Virtual size: 4KB

�reloc
Size: 1KB - Virtual size: 4KB

�reloc
Size: 4KB - Virtual size: 4KB

�reloc
Size: 2KB - Virtual size: 4KB