b198eb78051e0c3f5f0b4b0eab693e8aceb45d16a9686cb9d7c5c84ff6b6bf27

General

Target

b198eb78051e0c3f5f0b4b0eab693e8aceb45d16a9686cb9d7c5c84ff6b6bf27
Size

745KB
MD5

5bff48baa04c1e1b53d4b540157f791d
SHA1

147f2cbcc22cb6ad28ad8e3b894a40b49dd96721
SHA256

b198eb78051e0c3f5f0b4b0eab693e8aceb45d16a9686cb9d7c5c84ff6b6bf27
SHA512

76b9ccccb2c8064ce7a8b101cd7c1dcd29291f2019f4fac4fa53a16d2ba242276a0a6cce8c13590704695c96cc748aa97abe7605fcaac1882d76e6e1a81cf9c2
SSDEEP

12288:JFylr+0RWutl95MeWRB15P4qsBIq5unsx0bWHFKF6zRgabRgUg4QO2PGWEVez94a:Jy60RWuX950cqo5usSYKF61gabiUgbxf

Score

N/A

Malware Config

Signatures

Files

b198eb78051e0c3f5f0b4b0eab693e8aceb45d16a9686cb9d7c5c84ff6b6bf27
.exe windows x86

b40ad0a85685e5d33624370ddadea921

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleTitleA
FindVolumeClose
LoadLibraryA
GetModuleHandleA
UnmapViewOfFile
GetTickCount
CreateMutexA
IsValidCodePage
SetConsoleMode
HeapDestroy
GetLastError
CreateEventA
VirtualProtect
SetConsoleIcon
SetEvent
FindClose
GetLogicalDrives
InterlockedExchange
ExitProcess
ReleaseMutex
CloseHandle

advapi32

RegEnumKeyExA
GetUserNameA
ReportEventA
RegCloseKey
EqualSid
RegQueryInfoKeyA
GetFileSecurityA
OpenTraceA
RegEnumValueA
CloseTrace
LsaClose
RegLoadKeyA
FreeSid
RegCreateKeyExA
IsValidAcl
CloseEventLog
CredReadA
OpenEventLogA
CredFree
GetAce
IsTextUnicode
CloseServiceHandle
RegFlushKey
RegQueryValueExA
CopySid
LsaFreeMemory
IsValidSid
GetLengthSid
RegSaveKeyA

wininet

DetectAutoProxyUrl
DeleteUrlCacheEntryA
HttpSendRequestA
HttpQueryInfoA
FindCloseUrlCache

user32

MessageBoxA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b40ad0a85685e5d33624370ddadea921

Headers

File Characteristics

Imports

kernel32

advapi32

wininet

user32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 522B

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 522B

.rsrc
Size: 4KB - Virtual size: 4KB