aded509685247fd242af77fd636a5bdff071721f9c1adb90cc7afda6218d00e9

Sharing

Copy URL Twitter E-mail

General

Target

aded509685247fd242af77fd636a5bdff071721f9c1adb90cc7afda6218d00e9
Size

88KB
MD5

b833320c3bc02fae3995cf7954bd254f
SHA1

a53a88ef8aac02fa98bca239cfecf7d9c91e9130
SHA256

aded509685247fd242af77fd636a5bdff071721f9c1adb90cc7afda6218d00e9
SHA512

443f25115acb9188eb22b4f34e6c4472dc2250cb9cd813eed880169015b5ba6088b5fb1c55242d07e83c3da7e74e273eb667ec91234e58dcd18bbf0f19ffed70
SSDEEP

1536:2taiXPKwkaRIj4xAqo6AmyUec6Pllgkxl8Xv80Q5cB:204PKORSEpjY+fhQ5y

Score

N/A

Malware Config

Signatures

Files

aded509685247fd242af77fd636a5bdff071721f9c1adb90cc7afda6218d00e9
.exe windows x86

83ff1f3a688394518496d77399c11c61

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDoubleClickTime
GetKeyboardType
GetSysColorBrush
GetMonitorInfoA
GetGuiResources

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
OpenProcessToken
RegGetKeySecurity
RegEnumValueA
RegEnumKeyExA
LookupAccountSidA
GetTokenInformation

ws2_32

WSAStartup
htonl

wininet

InternetReadFile
InternetOpenA
HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA

netapi32

NetUserGetInfo
NetApiBufferFree

kernel32

FlushFileBuffers
GetModuleHandleW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetTickCount
Sleep
CloseHandle
GetCurrentProcess
GetStdHandle
GetVersion
SetErrorMode
OpenProcess
GetCompressedFileSizeA
GetProcessShutdownParameters
CreateFileA
DeviceIoControl
GetProcessPriorityBoost
GetFileSize
DeleteFileA
GetFileAttributesExA
GetEnvironmentVariableA
GetExitCodeProcess
GetFirmwareEnvironmentVariableA
GetProcessAffinityMask
GetVolumeInformationA
GetFileTime
GetPriorityClass
WriteFile
ExitProcess
CreateMutexA
OpenMutexA
CreateProcessA
GetShortPathNameA
MultiByteToWideChar
GetModuleFileNameA
SetEnvironmentVariableA
CopyFileA
SetFileAttributesA
GetLastError
CreateDirectoryA
CreateThread
GetLocalTime
GetDriveTypeA
GetLogicalDriveStringsA
GetSystemTimeAsFileTime
GetProcAddress
RtlUnwind
GetCommandLineA
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSectionAndSpinCount
HeapFree
HeapAlloc
RaiseException
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetFilePointer
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
VirtualAlloc
HeapReAlloc

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

83ff1f3a688394518496d77399c11c61

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

ws2_32

wininet

netapi32

kernel32

Sections

.text Size: 69KB - Virtual size: 68KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 35KB

.text
Size: 69KB - Virtual size: 68KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 35KB