98b835fa8db123828a28f6a697bb1eab28f55bcf9339d1c408d5a274c0c7cc98

General

Target

98b835fa8db123828a28f6a697bb1eab28f55bcf9339d1c408d5a274c0c7cc98
Size

36KB
MD5

8728e16967ac7519da0893bd262d6cf5
SHA1

defebefa960b8906abffa18e0b6f0b7a05baaa0c
SHA256

98b835fa8db123828a28f6a697bb1eab28f55bcf9339d1c408d5a274c0c7cc98
SHA512

a6303220cd9db070fa3389442de04bb5099d82d27b92dc177758b636f75b94899fd0f79989a4e7c427f15fa7732ecb80f860d84c0be86f0b9c69583a40395e8a
SSDEEP

768:XcdnvvcaKxUeqHDgMgLa1iaV1KFoN808:XcN8z5CDkLay480

Score

N/A

Malware Config

Signatures

Files

98b835fa8db123828a28f6a697bb1eab28f55bcf9339d1c408d5a274c0c7cc98
.exe windows x86

39a8d482ba7de7ff46bc8fd6f7dad52c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
CreateFileA
GetFileAttributesA
CreateDirectoryA
GetSystemDirectoryA
lstrlenA
OutputDebugStringA
DeleteFileA
GetVersionExA
Sleep
Process32Next
lstrcatA
CreateToolhelp32Snapshot
ExitThread
TerminateThread
WaitForMultipleObjects
GetModuleFileNameA
GetLastError
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
WriteFile
SetFilePointer
CloseHandle
LoadLibraryA
GetProcAddress
OpenEventW
SetFileAttributesW
ReadFile
Process32First
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
ExitProcess
GetModuleHandleA
GetCommandLineA
CreateEventA
SetEvent
CreateThread
WaitForSingleObject
CreateProcessA
CompareStringA
SizeofResource
LoadResource
FindResourceA
lstrcmpA
ResetEvent

user32

PeekMessageA
DestroyWindow
CloseWindow
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
wsprintfA
CreateWindowExA

advapi32

RegNotifyChangeKeyValue
RegQueryValueExA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyW
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegCreateKeyA

wininet

InternetGetConnectedState

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39a8d482ba7de7ff46bc8fd6f7dad52c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

iphlpapi

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 932B

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 932B

.rsrc
Size: 6KB - Virtual size: 6KB