1f2e63cb41eadacf839f50fab0bd79e1930eddef138100ea4daa524afb0b45ed

General

Target

1f2e63cb41eadacf839f50fab0bd79e1930eddef138100ea4daa524afb0b45ed
Size

481KB
MD5

56bcab3bf5b7706ea00e5e581e01f6f0
SHA1

b0ecb43e11c9b4cd271d61f167ccaeef01a6bb33
SHA256

1f2e63cb41eadacf839f50fab0bd79e1930eddef138100ea4daa524afb0b45ed
SHA512

f80643c7e473512f71a51abc08459c9cb175e0bb2b6f92b64c88073cdeb268da1e5cfdabdaff595017c5cf5fc6b6d7a3ac14929923891834a1a71b49a95e959f
SSDEEP

12288:6sJU9SxdC8CXTCxwZ+SejgJhVGAF7DUMqAm7RmZUrQ:6WU9SK8CowZHOgJOy7bG7RmL

Score

N/A

Malware Config

Signatures

Files

1f2e63cb41eadacf839f50fab0bd79e1930eddef138100ea4daa524afb0b45ed
.exe windows x86

7683a2e9d333d06f2dec0d0578972ff7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetKeyboardState
SetThreadDesktop
MsgWaitForMultipleObjects
GetCursorPos
ToUnicode
GetIconInfo
PeekMessageA
CloseWindowStation
GetWindowThreadProcessId
SetProcessWindowStation
GetWindowTextA
DrawIcon
OpenDesktopA
CharLowerBuffA
GetClassNameA

kernel32

GetTickCount
HeapFree
lstrcpynW
LeaveCriticalSection
VirtualProtect
CreateFileA
GetFileAttributesA
ResetEvent
CreateMutexW
SetEvent
CreateProcessW
InitializeCriticalSection
GetCommandLineA
VirtualAlloc
GlobalUnlock
HeapAlloc
GetTimeZoneInformation
WaitForSingleObject
Sleep
GetProcAddress
GlobalLock
SetFileTime
GetLastError
OpenMutexW
GetUserDefaultUILanguage
ReleaseMutex
GetVersionExW
GetFileSize

shlwapi

PathMatchSpecW
PathFindFileNameW
PathRemoveFileSpecW
PathCombineW
wnsprintfW
StrCmpNIW
wvnsprintfA
wvnsprintfW
PathFileExistsW
wnsprintfA

advapi32

CryptReleaseContext
RegSetValueExA
RegDeleteValueA
CryptAcquireContextW
RegCreateKeyExA
RegQueryValueExA
CryptCreateHash
RegCloseKey
RegEnumKeyExA
GetUserNameW

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7683a2e9d333d06f2dec0d0578972ff7

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

shlwapi

advapi32

Sections

.text Size: 65KB - Virtual size: 65KB

.data Size: 512B - Virtual size: 16KB

.text
Size: 65KB - Virtual size: 65KB

.data
Size: 512B - Virtual size: 16KB