92ec758de81fb216eea55702916dd24b93f441ef59ba3ed19d7d8f3d445eac1e

Sharing

Copy URL Twitter E-mail

General

Target

92ec758de81fb216eea55702916dd24b93f441ef59ba3ed19d7d8f3d445eac1e
Size

197KB
MD5

114584f2e6c378d3daaf4132b535f530
SHA1

c9c0588df3e6fd8f84947d9217a5aa66e9adf90e
SHA256

92ec758de81fb216eea55702916dd24b93f441ef59ba3ed19d7d8f3d445eac1e
SHA512

f62ca995c6a91b78924f0d0052a94dc79d35485ba23c1c47210d2a73fd6fe39c8df7eefb628861b7f0c357b61748594c039ddfb62d5e7665b260ee1d19c6dbb8
SSDEEP

3072:voIltcdjAOie0Ubd3Nt6eDHSFJu5JGQgmCZ6dt:gIequa0

Score

N/A

Malware Config

Signatures

Files

92ec758de81fb216eea55702916dd24b93f441ef59ba3ed19d7d8f3d445eac1e
.exe windows x86

4212d75c6601043ac7a5c285b3050372

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetCurrentProcessId
GetStartupInfoA
GetEnvironmentStringsW
GetTempPathA
GetThreadLocale
VirtualProtect
RemoveDirectoryA
GetExitCodeProcess
GetUserDefaultLangID
Sleep
GetCurrentThread
lstrcmpA
GetTempPathW
LoadResource
SetFileAttributesW
GetCurrentProcess
GetOEMCP
CopyFileA
GetSystemTime
DeleteFileW
LocalFileTimeToFileTime
GetACP
lstrcmpiA
GetModuleHandleA
IsDebuggerPresent
GetModuleHandleW
GetProcessHeap
GetVersionExW
GetModuleFileNameA
lstrlenA
GetEnvironmentStrings
LocalAlloc
MultiByteToWideChar
SetCurrentDirectoryA
lstrlenW
SetFileTime
GetFileAttributesA
OpenProcess
GetDriveTypeA
DeleteFileA
GetStartupInfoW
GetWindowsDirectoryA
GetCommandLineW
CopyFileW
GetCurrentThreadId
SetFilePointer
OutputDebugStringA
lstrcmpiW
GetCPInfo

msvcrt

__set_app_type
_vsnprintf
getenv
_setmode
_stricmp
strncmp
_strnicmp
malloc
calloc
fread
fputs
__p__fmode
fprintf
wcslen
__p__commode
fwrite
atexit
__setusermatherr
_initterm
_except_handler3
_XcptFilter
_controlfp
_cexit
_exit
_onexit
_adjust_fdiv
memmove
fputc
__getmainargs
memset
__p___initenv

advapi32

RegQueryInfoKeyA
RegCreateKeyExW
AdjustTokenPrivileges
DeregisterEventSource
CryptGenRandom
GetSecurityDescriptorDacl
CloseServiceHandle
FreeSid
InitiateSystemShutdownA
IsValidSid
GetLengthSid
ControlService
RegQueryValueA
AllocateAndInitializeSid
RegEnumKeyW
RegDeleteKeyW
RegEnumKeyA
InitializeAcl
DeleteService
RevertToSelf
CheckTokenMembership
RegOpenKeyExA
InitializeSecurityDescriptor
AddAccessAllowedAce
RegQueryValueExW
GetUserNameA

user32

GetScrollRange
LoadBitmapA
EqualRect
IsDialogMessageA
CheckMenuItem
GetMenu
RemovePropA
InsertMenuItemA
ShowCursor
LoadStringA
SetWindowLongA
WindowFromPoint
GetSystemMenu
IsWindowEnabled
RegisterClassA

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4212d75c6601043ac7a5c285b3050372

Headers

File Characteristics

Imports

kernel32

msvcrt

advapi32

user32

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 55KB - Virtual size: 55KB

.data Size: 84KB - Virtual size: 84KB

.rsrc Size: 39KB - Virtual size: 39KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 55KB - Virtual size: 55KB

.data
Size: 84KB - Virtual size: 84KB

.rsrc
Size: 39KB - Virtual size: 39KB