95eff9e0b1d61ce1da74dc4985a87d47ec55233f22984666897bcc878dcc202b

General

Target

95eff9e0b1d61ce1da74dc4985a87d47ec55233f22984666897bcc878dcc202b
Size

19.5MB
MD5

575c2fd5380dd8a71ba99f162d8d8a6e
SHA1

0e1908afdf36717aba5cfffcc4e9b053bf743b2e
SHA256

95eff9e0b1d61ce1da74dc4985a87d47ec55233f22984666897bcc878dcc202b
SHA512

2de314ba956cb3f65e992a9f6994eede662b8cacfc35e1fcc6b625f5c36bb1a3d2db9c9f3270814416f1ae9be9a6ea41449d5b0a0ac60a65a6a72ff18642d26d
SSDEEP

393216:a4a2UBPjqgSy/hUPRCtCOCnI2nwQXWHxpRtopyL+dhu7Ojf:Be2cODOCnI7QXmxLaXhu7w

Score

N/A

Malware Config

Signatures

Files

95eff9e0b1d61ce1da74dc4985a87d47ec55233f22984666897bcc878dcc202b
.exe windows x86

716862ba118671a87ca64cbd5b588d31

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
LCMapStringA
FlushFileBuffers
GetStringTypeA
lstrlenW
VirtualAlloc
FreeEnvironmentStringsW
CreateFileW
GetEnvironmentStrings
GetModuleFileNameA
CreateThread
GetCurrentThread
DisableThreadLibraryCalls
ResetEvent
UnhandledExceptionFilter
GetStartupInfoA
ExitProcess
GlobalFree
DeleteCriticalSection
SetHandleCount
GetCurrentProcess
LoadLibraryW
CancelIo
GetModuleHandleA

user32

SetForegroundWindow
TranslateMessage
PostThreadMessageW
OffsetRect
CreateWindowExW
PostMessageW
MessageBoxA
SetCapture
PtInRect
DialogBoxParamW
GetDesktopWindow
MapWindowPoints
UpdateWindow
SetCursor
LoadStringA
LoadCursorW
GetSubMenu
CheckMenuItem
CharNextW

gdi32

CreateFontIndirectW
GetBkMode
GetSystemPaletteEntries
StartPage
CreateSolidBrush
LineTo
CloseMetaFile
ExtTextOutW

advapi32

ImpersonateLoggedOnUser
RegQueryValueExA
RegOpenKeyA
RegEnumKeyA
CryptDestroyHash
CryptReleaseContext
IsValidSecurityDescriptor
CryptGenKey
ControlTraceW
ControlTraceA
GetUserNameW
RegDeleteKeyA
RegDeleteKeyW
RegQueryInfoKeyW
OpenSCManagerW
GetSecurityDescriptorDacl
QueryServiceConfigW
LookupAccountNameW

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

Sections

.text
Size: 4.5MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 470KB - Virtual size: 615KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 6KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 246KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

716862ba118671a87ca64cbd5b588d31

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

.text Size: 4.5MB - Virtual size: 5.4MB

.rdata Size: 470KB - Virtual size: 615KB

.bss Size: 6KB - Virtual size: 4KB

.rsrc Size: 246KB - Virtual size: 245KB

.text
Size: 4.5MB - Virtual size: 5.4MB

.rdata
Size: 470KB - Virtual size: 615KB

.bss
Size: 6KB - Virtual size: 4KB

.rsrc
Size: 246KB - Virtual size: 245KB