01d67a21c4a6efe67f31d99b64bf822c38c0428059018e093518924b253d6516

General

Target

01d67a21c4a6efe67f31d99b64bf822c38c0428059018e093518924b253d6516
Size

79KB
MD5

5d2229bc5f2e607d4c426b8c69942891
SHA1

aa21d1b93acc336c6c97b2676324781655e7d4b4
SHA256

01d67a21c4a6efe67f31d99b64bf822c38c0428059018e093518924b253d6516
SHA512

16d09685347bc67a1693e1a680778bd6a4a9273805e6cc9b551da4c09baedfdd0d44742fb1facef998623d373c0c40f865eddace2742912f21e06d7adfae06b2
SSDEEP

1536:GO5TVBQ78HtSsTPVVcAykP7X3TzU9Hf+UkgaXsk06X0/ZA9B:GwBQ7rC9sSX3nu2g7k0o0/Z0B

Score

N/A

Malware Config

Signatures

Files

01d67a21c4a6efe67f31d99b64bf822c38c0428059018e093518924b253d6516
.exe windows x86

44e55a2ea772830bb5bcce935796a335

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__initenv
_cexit
_exit
_c_exit
setlocale
malloc
exit
free
_wcsupr
wcscmp
wcstok
_iob
vfwprintf
_wtoi
wcslen
_wcsicmp
_XcptFilter
_vsnwprintf

advapi32

RegQueryValueExW
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
RegConnectRegistryW
RegOpenKeyExW
RegCloseKey

kernel32

GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetCommandLineW
DeviceIoControl
FindFirstVolumeW
CreateFileW
CloseHandle
FindNextVolumeW
FindVolumeClose
lstrlenW
GetCurrentProcessId
GetFileType
WriteConsoleW
GetUserDefaultUILanguage
GetThreadLocale
GetConsoleOutputCP
GetSystemDefaultLCID
GetLocaleInfoW
SetThreadLocale
GetVersionExW
GetModuleHandleW
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
GetStdHandle

user32

LoadStringW

ntdll

RtlInitUnicodeString
NtClose
NtOpenFile
NtQuerySystemInformation
RtlUnicodeStringToInteger

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44e55a2ea772830bb5bcce935796a335

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

user32

ntdll

Sections

.text Size: 10KB - Virtual size: 10KB

.data Size: 60KB - Virtual size: 62KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 60KB - Virtual size: 62KB

.rsrc
Size: 7KB - Virtual size: 6KB