f95501e157c55fe7c1b58d66a14173a35c0905208f0dbdbcc98baf1d18e3dd4b

Sharing

Copy URL Twitter E-mail

General

Target

f95501e157c55fe7c1b58d66a14173a35c0905208f0dbdbcc98baf1d18e3dd4b
Size

2.1MB
MD5

866147c891a638fc3d157cba4b42918f
SHA1

4ea24c877d2078256aa62f77cfa622f7d59553ec
SHA256

f95501e157c55fe7c1b58d66a14173a35c0905208f0dbdbcc98baf1d18e3dd4b
SHA512

f783e0ea7ce2a3cbe369411d03ac3ddaadacf4d2995cbe2eefe0d25f96aff16d7e0aedac985399c1ecb01afc1a781f534a83663d2fc7c1b8115e1d10c46d85fb
SSDEEP

49152:x1CcuPfSXHojAtQN4p+xJWFwSsvGi/9CZrS:KPfMEtl7WiSM1Cc

Score

N/A

Malware Config

Signatures

Files

f95501e157c55fe7c1b58d66a14173a35c0905208f0dbdbcc98baf1d18e3dd4b
.exe windows x86

b363c3d069fe814dadfa5de5ce2bbc04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

localtime
wcstol
exit
fputs
ftell
memset
atoi
wcsncpy
_fileno
wcschr
_ltow
_sopen
_memicmp
__getmainargs
??3@YAXPAX@Z
_except_handler3
_wsopen
_strdup
__setusermatherr
isxdigit
wcstoul
_vsnwprintf
strncmp
__p__commode
_fsopen
_filelength
fflush
__p___initenv
_onexit
_mbsicmp
_dup
wcslen
_wfullpath
_ltoa
_wcsicmp
_XcptFilter
fclose
_waccess
__CxxFrameHandler
_adjust_fdiv
_fullpath
strcmp
_write
isalnum
_ftol
strcspn
??2@YAPAXI@Z
malloc
swprintf

advapi32

RegCreateKeyExA
RegEnumKeyExA
FreeSid
LockServiceDatabase
RegDeleteKeyA
QueryServiceStatus

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerQueryValueW
VerQueryValueA

gdi32

CreateDCW
PlayMetaFileRecord
GetBrushOrgEx
GetObjectW
SelectClipRgn
GetObjectA
CreateSolidBrush
SetViewportExtEx
CreateCompatibleDC
PlayMetaFile
EndPage
SetViewportOrgEx
DeleteMetaFile
GetViewportExtEx
GetSystemPaletteEntries
CombineRgn
GetTextAlign
LineTo
AngleArc
GetTextExtentPointW
AngleArc
GetRgnBox
RectVisible
EnumMetaFile
SetROP2
GetTextExtentPoint32A
CreateBrushIndirect
GetWinMetaFileBits
Polyline
GetStockObject
MoveToEx
GetClipBox
DeleteObject
GetViewportOrgEx
CreateHalftonePalette
SetMapMode
SelectPalette
Arc
GetLayout
RoundRect
CreateFontIndirectW
ExtTextOutW
CreateRectRgnIndirect
SetTextColor
SetBitmapBits
OffsetWindowOrgEx

kernel32

ExitProcess
GetSystemTime
GlobalAlloc
ResetEvent
SetCurrentDirectoryA
LCMapStringW
MulDiv
UnhandledExceptionFilter
GetStartupInfoW
MoveFileExA
SetPriorityClass
SearchPathW
WritePrivateProfileStringA
GetSystemDirectoryA
GetModuleHandleW
GetCPInfo
UnmapViewOfFile
GetDriveTypeA
WideCharToMultiByte
FreeEnvironmentStringsA
CreateProcessW
FindResourceW
CreateThread
GetCommandLineA
GetStringTypeA
lstrcmpW
GetWindowsDirectoryA
EnumSystemLocalesA
GetThreadLocale
GetEnvironmentStrings
WriteConsoleA
VirtualAlloc
GetSystemInfo
GetTimeZoneInformation
Module32First
FindNextFileA
FlushFileBuffers

Sections

.text
Size: 1.7MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 175KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b363c3d069fe814dadfa5de5ce2bbc04

Headers

File Characteristics

Imports

msvcrt

advapi32

version

gdi32

kernel32

Sections

.text Size: 1.7MB - Virtual size: 1.8MB

.data Size: 140KB - Virtual size: 6.1MB

.idata Size: 175KB - Virtual size: 188KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 19KB - Virtual size: 19KB

.text
Size: 1.7MB - Virtual size: 1.8MB

.data
Size: 140KB - Virtual size: 6.1MB

.idata
Size: 175KB - Virtual size: 188KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 19KB - Virtual size: 19KB