87e04670f9ee51e5e555ec631c383777904ff5456462044bcdb513f347ca2d33

Sharing

Copy URL

Twitter E-mail

General

Target

87e04670f9ee51e5e555ec631c383777904ff5456462044bcdb513f347ca2d33
Size

18KB
MD5

d1f096bd526e73805a07e512efd59f84
SHA1

8fe90527955ff28939c4097c7422acfaccfd4cd6
SHA256

87e04670f9ee51e5e555ec631c383777904ff5456462044bcdb513f347ca2d33
SHA512

b387bd60d1531cd80d6009284018aa549994cfb65c6dff2a4bf16d88a98aaffe88304585278fd39b44f02dde90ed553020255c8ca3f8843c29e4636086dd25a9
SSDEEP

384:lc7mRMiuoHUFwdbyFeduEDFlfRtiFPNT:KgMiuo0FwdZd3RRI

Score

N/A

Malware Config

Signatures

Files

87e04670f9ee51e5e555ec631c383777904ff5456462044bcdb513f347ca2d33
.exe windows x86

0b87e4021fd215b90e911d92f75bccd5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
LocalAlloc
GetLastError
RtlUnwind
GetVersionExA
CreateFileA
GetThreadLocale
ReadFile
GetCurrentProcessId
VirtualAlloc
lstrcpyA
GetSystemInfo
GetOEMCP
WriteFile
GlobalReAlloc
FindResourceA
lstrlenA
SetEndOfFile
GetDateFormatA
LocalFree
LocalAlloc
GetStringTypeExA
ExitProcess
FindClose
GlobalLock
EnumCalendarInfoA
LoadLibraryA
GetACP
InterlockedIncrement
GetDiskFreeSpaceA
GetModuleHandleA
GetProcAddress
RaiseException
GetVersion
ExitProcess
FindFirstFileA
GlobalHandle
GetProcAddress
InterlockedExchange
WideCharToMultiByte
SetFilePointer
GetCurrentThreadId
GetProcAddress
WaitForSingleObject
TlsSetValue
GetThreadLocale
GetACP
FreeLibrary
CreateEventA
GetModuleFileNameA
VirtualProtect
MulDiv
lstrcpynA
GetCPInfo
InterlockedDecrement
SetEvent
GetFullPathNameA
VirtualQuery
VirtualFree
GetLocalTime
GetLocaleInfoA
WriteFile
GetModuleFileNameA
InitializeCriticalSection
SetThreadLocale
GetVersion
GetStdHandle
TlsGetValue

user32

CharNextA
MessageBoxA
PeekMessageA
GetMenuState
CreateMenu
SetFocus
GetWindowThreadProcessId
EnableWindow
TrackPopupMenu
LoadStringA
GetForegroundWindow
BeginPaint
ReleaseCapture
GetSubMenu
DestroyMenu
SetScrollPos
InsertMenuItemA
EnumWindows
UnhookWindowsHook
LoadIconA
GetKeyState
CharLowerA
RegisterClipboardFormatA
GetScrollPos
DestroyCursor
SetForegroundWindow
GetWindowLongA
EndPaint
ShowOwnedPopups
IsWindow
GetClassNameA
UpdateWindow
OffsetRect
GetKeyboardState
ReleaseDC
GetParent
ClientToScreen
SetCursor
GetSystemMetrics
SetMenuItemInfoA
GetWindowRect
EnableMenuItem
SetWindowPlacement
IsDialogMessageA
FrameRect
SetTimer
IntersectRect
FillRect
SystemParametersInfoA
IsZoomed
GetCapture
LoadKeyboardLayoutA
GetFocus
WindowFromPoint
MessageBoxA
LoadStringA
PostMessageA
CharToOemA
GetLastActivePopup
CallWindowProcA
RegisterClassA
GetMenuItemInfoA
CallNextHookEx
CreateIcon
GetMenuItemID
GetWindow
RegisterWindowMessageA
CheckMenuItem
ScreenToClient
GetMenuStringA
RemovePropA
RedrawWindow
GetKeyboardLayoutList
ActivateKeyboardLayout
PtInRect
GetKeyboardType
OemToCharA
GetKeyboardLayout
WinHelpA
LoadCursorA
GetClientRect
WaitMessage
TranslateMDISysAccel
FindWindowA
ShowCursor
InvalidateRect
GetWindowTextA
DrawIcon
SetParent
GetWindowPlacement
DestroyIcon
SetCapture
GetScrollInfo
CreatePopupMenu
RemoveMenu
GetIconInfo
KillTimer
GetClassInfoA
IsRectEmpty
EnableScrollBar
SetScrollRange
SetClassLongA
GetScrollRange
GetMenu
MapWindowPoints
SetPropA
GetWindowDC
DestroyWindow
SendMessageA

advapi32

AbortSystemShutdownA
ChangeServiceConfigA
FreeEncryptedFileKeyInfo
IsWellKnownSid
AddAccessDeniedAce
ElfBackupEventLogFileW
GetLengthSid
AccessCheckByType
ClearEventLogW
GetAccessPermissionsForObjectA
LogonUserExA
AddAce
ElfFlushEventLog
InitializeAcl
AccessCheckByTypeResultListAndAuditAlarmA
DuplicateEncryptionInfoFile
GetEventLogInformation
AbortSystemShutdownW
FreeInheritedFromArray
LockServiceDatabase
AddAccessDeniedObjectAce
ElfCloseEventLog
GetLocalManagedApplications
AccessCheckByTypeResultListAndAuditAlarmByHandleA
DuplicateToken
AccessCheck
ClearEventLogA
GetAclInformation
LogonUserA
BuildTrusteeWithObjectsAndSidW
FindFirstFreeAce
InitializeSid
AddAccessAllowedAceEx
ElfChangeNotify
GetFileSecurityA
AccessCheckAndAuditAlarmW
GetAce
FreeSid
BuildTrusteeWithObjectsAndSidA
FileEncryptionStatusA
IsValidAcl
AddAccessAllowedAce
ElfClearEventLogFileA
AccessCheckByTypeResultListAndAuditAlarmByHandleW
DuplicateTokenEx
GetInformationCodeAuthzLevelW
DeleteService
GetEffectiveRightsFromAclA
ChangeServiceConfigW
LookupAccountSidA
CancelOverlappedAccess
BuildTrusteeWithSidA
FlushTraceA
IsValidSid
AddAccessAllowedObjectAce
ElfDeregisterEventSource
InitializeSecurityDescriptor

gdi32

CreateBitmap
SaveDC
GetPaletteEntries
CreateDIBitmap
SetDIBColorTable
GetWindowOrgEx
ExcludeClipRect
SetWindowOrgEx
RectVisible
GetDeviceCaps
CreateCompatibleDC
SetBkMode
GetStockObject
CreatePenIndirect
SetTextColor
MaskBlt
GetClipBox
BitBlt
GetObjectA
CreateFontIndirectA
SetBrushOrgEx
GetTextMetricsA
CreateSolidBrush
MoveToEx
GetBrushOrgEx
UnrealizeObject
SetBkColor
GetSystemPaletteEntries
CreatePalette
SetPixel
IntersectClipRect
PatBlt
RestoreDC
CreateDIBSection
CreateHalftonePalette
SetViewportOrgEx

Sections

wtewtw
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

zxgsgt
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0b87e4021fd215b90e911d92f75bccd5

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

Sections

wtewtw Size: 512B - Virtual size: 512B

zxgsgt Size: 17KB - Virtual size: 17KB

wtewtw
Size: 512B - Virtual size: 512B

zxgsgt
Size: 17KB - Virtual size: 17KB