928801663909acc37e4e13a54495179629ece62a2565825b8291c5def7db0c10

General

Target

928801663909acc37e4e13a54495179629ece62a2565825b8291c5def7db0c10
Size

340KB
MD5

cb2d98d12be5241f05bc46f216b9eef1
SHA1

27dc996df502b4e4980260d24926d9347965f55c
SHA256

928801663909acc37e4e13a54495179629ece62a2565825b8291c5def7db0c10
SHA512

750f7bbffa6120d73bb364ba6097d72e0a3b7a857a53c6fe65d14d46d1af4afcff0a139fea526f6c35318e212f910f8f9c9cdf938f0b4606a9e771370ce9cd60
SSDEEP

6144:8u0juDAiSB2Dn8OYSSgUHKhUkATYOJftbqCZcAzI+MM5wLt86Duu8z:8u0juVSB2DCS3UHxV1nbqCKgi8UR8z

Score

N/A

Malware Config

Signatures

Files

928801663909acc37e4e13a54495179629ece62a2565825b8291c5def7db0c10
.exe windows x86

b8753e630c333748412ed42cadce2f94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenEventW
CreateThread
CreateEventW
CloseHandle
GetCurrentThread
SetUnhandledExceptionFilter
SetErrorMode
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTempFileNameW
QueryPerformanceCounter
UnhandledExceptionFilter
FreeLibrary
GetProfileStringW
WriteProfileStringW
WaitForSingleObject
DisableThreadLibraryCalls
LoadLibraryExW
GetModuleHandleA
GetLocaleInfoA
GetStringTypeW
lstrcmpW
GetProcessHeap
GetProcAddress
InterlockedExchange
Sleep
VirtualProtect
InterlockedCompareExchange
GetCommandLineA
GetTickCount
HeapAlloc
HeapFree
RtlUnwind
GetStartupInfoA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
VirtualQuery
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
HeapSize
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetSystemInfo

user32

PostMessageW

advapi32

FreeSid
ImpersonateSelf
OpenThreadToken
AllocateAndInitializeSid
CheckTokenMembership
RevertToSelf

gdi32

SelectObject

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 551KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b8753e630c333748412ed42cadce2f94

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

Sections

.text Size: 44KB - Virtual size: 40KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 276KB - Virtual size: 551KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 44KB - Virtual size: 40KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 276KB - Virtual size: 551KB

.rsrc
Size: 8KB - Virtual size: 4KB