b92b21c0a652671c63719e313f145a2437e55626445970426bab5b78c265b4a9

Sharing

Copy URL Twitter E-mail

General

Target

b92b21c0a652671c63719e313f145a2437e55626445970426bab5b78c265b4a9
Size

120KB
MD5

674b43473425cefdd4eae41b79437efe
SHA1

54933a7e2e78e0c86ceecf86b03b2fc3580f4736
SHA256

b92b21c0a652671c63719e313f145a2437e55626445970426bab5b78c265b4a9
SHA512

f9e2a3642cf380d5e044dea652831a3be6659c30a5048bc237cbb34d3ecf561b4e73ae1143d7f0d06011dffc2d3cd824ae7a53e38cd79efb60bbad11cf6647ce
SSDEEP

3072:zTK95aNgU2JmRDo2oUdstvCQhcSm4H4eAeEvZ5T5JW5hSn:n5iERZVs4ZFvjT7WLk

Score

N/A

Malware Config

Signatures

Files

b92b21c0a652671c63719e313f145a2437e55626445970426bab5b78c265b4a9
.exe windows x86

4216dc12c2dd343235c50a269b3e3007

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
DeleteCriticalSection
InterlockedIncrement
lstrlenW
MultiByteToWideChar
lstrlenA
GetCommandLineA
InitializeCriticalSection
GetModuleFileNameA
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
GetShortPathNameA
Sleep
CreateEventA
IsDBCSLeadByte
HeapDestroy
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
LeaveCriticalSection
EnterCriticalSection
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCurrentThreadId
lstrcmpiA
GetLastError
WaitForSingleObject
CreateThread
GetFileType
CloseHandle
LoadLibraryExA
lstrcpynA
InterlockedDecrement
GetOEMCP
GetACP
GetCPInfo
HeapAlloc
SetEvent
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
WriteFile
GetVersion
ExitProcess
SetHandleCount
GetEnvironmentStringsW
GetStdHandle
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetEnvironmentStrings
IsBadWritePtr
VirtualAlloc
LocalFree
RtlUnwind
HeapFree
RaiseException
HeapReAlloc
GetStartupInfoA
UnhandledExceptionFilter
HeapCreate
TerminateProcess
GetCurrentProcess
HeapSize
VirtualFree

user32

GetMessageA
DispatchMessageA
CharNextA
PostThreadMessageA

advapi32

RegEnumKeyExA
RegSetValueExA
RegEnumValueA
RegQueryInfoKeyA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA

ole32

CoRegisterClassObject
CoInitialize
CoUninitialize
CoTaskMemFree
CoRevokeClassObject
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

RegisterTypeLi
SysStringLen
LoadRegTypeLi
VarUI4FromStr
LoadTypeLi
SysAllocString
VariantClear
SysFreeString
VariantInit

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4216dc12c2dd343235c50a269b3e3007

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 76KB - Virtual size: 76KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 76KB - Virtual size: 76KB