d1b416f30a460c8ba10c37615c2cf1fe8cd30b4d090d1f7d86277006a7645652

Sharing

Copy URL Twitter E-mail

General

Target

d1b416f30a460c8ba10c37615c2cf1fe8cd30b4d090d1f7d86277006a7645652
Size

150KB
MD5

c0b5c4c598d71e4c658d0b1c7efdc87f
SHA1

6f7b75d0c6041e5336b4397718d2a6bd15cfe251
SHA256

d1b416f30a460c8ba10c37615c2cf1fe8cd30b4d090d1f7d86277006a7645652
SHA512

8d2a3ebcc78063398283ae7879c5e3d6bbdb3f62d415e05c070948db24c437a3a947b61d7b69186e2d2232680165793fac4aadfab6b0d073f9b4967fab643b13
SSDEEP

3072:PQ53KEF8bNObtdTxqJ8NuZz2gEbb6ZUjgoABCNolPfPDPYF0lGSnG:Pm3RFT/uun60goAByqrPRG

Score

N/A

Malware Config

Signatures

Files

d1b416f30a460c8ba10c37615c2cf1fe8cd30b4d090d1f7d86277006a7645652
.exe windows x86

d7bd8e4a6bfd8e446be57e1eccce5189

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegOpenKeyExA
OpenProcessToken
EqualSid
RegQueryInfoKeyA
AdjustTokenPrivileges
RegDeleteValueA
FreeSid
RegSetValueExA
RegCloseKey
RegCreateKeyExA
GetTokenInformation

kernel32

GetCurrentProcess
CreateDirectoryA
GetLastError
GetDiskFreeSpaceA
lstrlenA
lstrcpynA
GetCurrentThreadId
TerminateThread
SetEvent
_lopen
FreeResource
lstrcmpA
LocalAlloc
CreateThread
CloseHandle
FreeLibrary
WriteFile
GetWindowsDirectoryA
VirtualQuery
SetCurrentDirectoryA
lstrcmpiA
GlobalAlloc
TerminateProcess
FindNextFileA
CreateFileA
GetCurrentProcessId
LoadLibraryExA
SetHandleContext
GetTempFileNameA
SetFileTime
lstrcatA
SizeofResource
GetVersionExA
LoadResource
LockResource
CreateMutexA
SetFilePointer
CreateProcessA
_lclose
GetDriveTypeA
WaitForSingleObject
LocalFree
GetProcAddress
FindClose
GetTempPathA
GetVolumeInformationA
GetCurrentDirectoryA
_llseek
GetExitCodeProcess
GetFileAttributesA
lstrcpyA
CompareFileTime
GetSystemInfo
Sleep
GetCommandLineA
GlobalFree
MulDiv
ResetEvent
ExitProcess
RemoveDirectoryA
GetStartupInfoA
SetUnhandledExceptionFilter
SetFileAttributesA
GetTickCount
IsDBCSLeadByte
GlobalLock
FormatMessageA
GetVersion
FindResourceA
GetSystemDirectoryA
GetModuleFileNameA
FindFirstFileA
ReadFile
GetShortPathNameA
UnhandledExceptionFilter
GetModuleHandleA
GlobalUnlock
CreateEventA
DeleteFileA

gdi32

GetDeviceCaps

user32

SetWindowPos
MessageBeep
MessageBoxA
GetSystemMetrics
CharNextA
CallWindowProcA
ExitWindowsEx
CharPrevA
GetDlgItem
GetWindowRect
SetDlgItemTextA
SetWindowLongA
GetDesktopWindow
GetDlgItemTextA
CharUpperA
DispatchMessageA
SetWindowTextA
EnableWindow
GetWindowLongA
LoadStringA
SendMessageA
ShowWindow
PeekMessageA
EndDialog
wsprintfA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.phkpcf
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 132KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7bd8e4a6bfd8e446be57e1eccce5189

Headers

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

version

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 121KB

.phkpcf Size: 3KB - Virtual size: 3KB

.edata Size: 132KB - Virtual size: 255KB

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 121KB

.phkpcf
Size: 3KB - Virtual size: 3KB

.edata
Size: 132KB - Virtual size: 255KB