535f737d7a077748a49e4b3f5340bbb64b021fdad4962002b567653d6bf60bb0

Sharing

Copy URL

Twitter E-mail

General

Target

535f737d7a077748a49e4b3f5340bbb64b021fdad4962002b567653d6bf60bb0
Size

157KB
MD5

a2ec850baa3779e27144ed269955b7ef
SHA1

d56bc055afd8d7a4a368f06a703e132c0a563cda
SHA256

535f737d7a077748a49e4b3f5340bbb64b021fdad4962002b567653d6bf60bb0
SHA512

3269e6f1dcf01b54f9e640da10975d5c4e6c8cb354181c4a50a883289380a016cc25ceb1b6f6521400a69157028cf23ddfb12261a249b20e6fe79723588ca22b
SSDEEP

384:lHV9A9Dtjz1TTTTrTTTTTTTTTTTTTTTTTTTTTTTTTTTTtO7pOwxe5ymTTTTTTTTT:lHPAPwA7LmGhJdF

Score

N/A

Malware Config

Signatures

Files

535f737d7a077748a49e4b3f5340bbb64b021fdad4962002b567653d6bf60bb0
.exe windows x86

c30ec1c5cf03e7587f930b8da52f27ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetCurrentThread
LocalAlloc
CloseHandle
CreateEventA
CreateFileMappingA
CreateMutexA
CreateProcessA
DuplicateHandle
ExitThread
FreeLibrary
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
VirtualAlloc
LoadLibraryA
LocalFree
MapViewOfFile
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
ReleaseMutex
SetErrorMode
SetEvent
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
WaitForMultipleObjects
WaitForSingleObject
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
lstrlenW
GetVersionExA
ReadFile

user32

LoadStringA
MsgWaitForMultipleObjects
PeekMessageA
RegisterClassA
SendMessageA
GetShellWindow
TranslateMessage
wsprintfA
GetForegroundWindow
LoadIconA
GetClassNameA
DispatchMessageA
DestroyWindow
DefWindowProcA
CreateWindowExA
CreateMenu
GetSysColor
GetSystemMetrics
ShowWindow
LoadCursorW

advapi32

RegOpenKeyW

shlwapi

StrStrIA
StrCpyNW
SHRegGetBoolUSValueA
SHGetValueA
PathRemoveFileSpecA
PathQuoteSpacesA
PathFindFileNameA
PathAppendA
wnsprintfA

msvcrt

_except_handler3

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data2
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data15
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data14
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data13
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data12
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data24
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data23
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data22
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data21
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data20
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data19
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data18
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data17
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data16
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data11
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data10
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data9
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data8
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data7
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data6
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text3
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 813KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c30ec1c5cf03e7587f930b8da52f27ba

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

msvcrt

Sections

.text Size: 32KB - Virtual size: 32KB

.data2 Size: 1024B - Virtual size: 548B

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 12KB

.data15 Size: 2KB - Virtual size: 1KB

.data14 Size: 2KB - Virtual size: 1KB

.data13 Size: 2KB - Virtual size: 1KB

.data12 Size: 2KB - Virtual size: 1KB

.data24 Size: 1024B - Virtual size: 548B

.data23 Size: 1024B - Virtual size: 548B

.data22 Size: 1024B - Virtual size: 548B

.data21 Size: 1024B - Virtual size: 548B

.data20 Size: 1024B - Virtual size: 548B

.data19 Size: 1024B - Virtual size: 548B

.data18 Size: 1024B - Virtual size: 548B

.data17 Size: 1024B - Virtual size: 548B

.data16 Size: 1024B - Virtual size: 548B

.data11 Size: 1024B - Virtual size: 548B

.data10 Size: 1024B - Virtual size: 548B

.data9 Size: 1024B - Virtual size: 548B

.data8 Size: 1024B - Virtual size: 548B

.data7 Size: 1024B - Virtual size: 548B

.data6 Size: 1024B - Virtual size: 548B

.data5 Size: 1024B - Virtual size: 548B

.data4 Size: 1024B - Virtual size: 548B

.data3 Size: 15KB - Virtual size: 15KB

.text3 Size: 49KB - Virtual size: 48KB

.text2 Size: 15KB - Virtual size: 15KB

.rsrc Size: 2KB - Virtual size: 813KB

.text
Size: 32KB - Virtual size: 32KB

.data2
Size: 1024B - Virtual size: 548B

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 12KB

.data15
Size: 2KB - Virtual size: 1KB

.data14
Size: 2KB - Virtual size: 1KB

.data13
Size: 2KB - Virtual size: 1KB

.data12
Size: 2KB - Virtual size: 1KB

.data24
Size: 1024B - Virtual size: 548B

.data23
Size: 1024B - Virtual size: 548B

.data22
Size: 1024B - Virtual size: 548B

.data21
Size: 1024B - Virtual size: 548B

.data20
Size: 1024B - Virtual size: 548B

.data19
Size: 1024B - Virtual size: 548B

.data18
Size: 1024B - Virtual size: 548B

.data17
Size: 1024B - Virtual size: 548B

.data16
Size: 1024B - Virtual size: 548B

.data11
Size: 1024B - Virtual size: 548B

.data10
Size: 1024B - Virtual size: 548B

.data9
Size: 1024B - Virtual size: 548B

.data8
Size: 1024B - Virtual size: 548B

.data7
Size: 1024B - Virtual size: 548B

.data6
Size: 1024B - Virtual size: 548B

.data5
Size: 1024B - Virtual size: 548B

.data4
Size: 1024B - Virtual size: 548B

.data3
Size: 15KB - Virtual size: 15KB

.text3
Size: 49KB - Virtual size: 48KB

.text2
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 2KB - Virtual size: 813KB