99ee9ac0620146ecc198bba54c2021b57465687dbc68e67aef03a5aa763b9b95

Sharing

Copy URL

Twitter E-mail

General

Target

99ee9ac0620146ecc198bba54c2021b57465687dbc68e67aef03a5aa763b9b95
Size

348KB
MD5

2665cc44ab6f97a40239450f1be339d9
SHA1

6f24e1d17d4c92fb6a4294e72af025c3f231a5db
SHA256

99ee9ac0620146ecc198bba54c2021b57465687dbc68e67aef03a5aa763b9b95
SHA512

92fb3c6645e7d33b3b191eb1b6275be6a19916f6dbe8d428aff4400ca035f8b172130225fe5a98e9ebac6fe148fc3ca8372169c0cb5584932540cbfd0b995f26
SSDEEP

6144:rgGodjyiYh+p5DVWzm6qdMGDDrwy9N8xApjx4mHcXAdx29mQjxzFA:ratcgnWi68tP9NLmEcX79vjxBA

Score

N/A

Malware Config

Signatures

Files

99ee9ac0620146ecc198bba54c2021b57465687dbc68e67aef03a5aa763b9b95
.exe windows x86

c4889ad841a23c246ed71c9bad1f4dd5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileExW
CreateThread
GetWindowsDirectoryW
GetCommandLineW
FindNextFileW
DeleteFileW
FindClose
GetProcAddress
FreeLibrary
OutputDebugStringA
lstrlenW
WaitForSingleObject
GetExitCodeProcess
Sleep
CloseHandle
GetEnvironmentVariableW
FormatMessageW
LocalFree
SetEnvironmentVariableW
GetCurrentProcessId
GetFullPathNameW
GetModuleFileNameW
ExpandEnvironmentStringsW
CompareFileTime
SetFileAttributesA
DeleteFileA
GetTempFileNameA
GetFileAttributesA
GetFullPathNameA
GetPrivateProfileStringA
LocalAlloc
GetSystemTime
CreateFileA
CreateEventA
CreateDirectoryA
lstrcpynA
lstrlenA
lstrcpyA
lstrcmpA
ExitProcess
LoadLibraryA
SetStdHandle
lstrcatA
GetStringTypeW
GetStringTypeA
GetModuleHandleA
GetStartupInfoA
GetModuleFileNameA
GetLocaleInfoA
GetSystemInfo
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
HeapSize
HeapReAlloc
VirtualAlloc
HeapAlloc
LoadLibraryW
LoadLibraryExW
GetCommandLineA
MoveFileA
VirtualProtect
RtlUnwind
GetVersionExA
InterlockedExchange
VirtualQuery
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
GetACP
GetOEMCP
GetCPInfo

user32

RegisterClassA
TranslateMessage
GetMessageA
DispatchMessageA
DestroyWindow
UnregisterClassA
OemToCharA
CharToOemA
wsprintfA
LoadStringA
CharNextA
MessageBoxW
CreateWindowExA

advapi32

RegCloseKey
InitiateSystemShutdownExW
CloseTrace
RegQueryValueExW

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 292KB - Virtual size: 582KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4889ad841a23c246ed71c9bad1f4dd5

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 292KB - Virtual size: 582KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 292KB - Virtual size: 582KB

.rsrc
Size: 4KB - Virtual size: 2KB