a7f250d158ea7a9badf1a050ede8d435051918e3a82307195a4256a8b8991660

Sharing

Copy URL Twitter E-mail

General

Target

a7f250d158ea7a9badf1a050ede8d435051918e3a82307195a4256a8b8991660
Size

406KB
MD5

2ae19242588fb72e655c0dc8b5b175cf
SHA1

e01fb67d15188ae784ae1ccc3cd93c4e1ad1df9d
SHA256

a7f250d158ea7a9badf1a050ede8d435051918e3a82307195a4256a8b8991660
SHA512

f8f4a9787066a44166e4ef8b0c4092e208b31827f368c50725ee0bb3db946b884ea378d0c4d243a67e45cb22c88192a704d6966ca8071fc578caa657ebe1989b
SSDEEP

12288:bgutjIldbNUiImW1PcuLdBnMVWxVgZzJVgeii+pY66tjrOoun7acRYrrLC6:blrMqPi+pYbun7aKYG6

Score

N/A

Malware Config

Signatures

Files

a7f250d158ea7a9badf1a050ede8d435051918e3a82307195a4256a8b8991660
.exe windows x86

a315f88e5fc588eb85ebf98aacd4119d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptEnumProviderTypesA
StartServiceW
CryptGetProvParam
CryptAcquireContextA
InitiateSystemShutdownW
CryptDeriveKey
CryptImportKey

user32

GetMessageW
WaitForInputIdle

comdlg32

ReplaceTextA

gdi32

SetWinMetaFileBits
SelectPalette
SetMapMode
DeleteMetaFile
CreateMetaFileW
GetRandomRgn

kernel32

SetComputerNameW
TlsSetValue
WritePrivateProfileSectionA
VirtualAlloc
GetStartupInfoA
HeapReAlloc
GetCurrentProcess
GetCommandLineW
SetLastError
MultiByteToWideChar
TlsGetValue
LeaveCriticalSection
GetFileType
GetCommandLineA
GetProcAddress
EnumCalendarInfoW
GetEnvironmentStrings
TlsFree
SetEnvironmentVariableW
VirtualFree
SetHandleCount
VirtualQuery
SetConsoleTitleA
HeapDestroy
GetCurrentThread
lstrcmp
CopyFileA
GlobalAddAtomA
GetStdHandle
GetModuleFileNameA
GetProfileSectionW
InitializeCriticalSection
HeapCreate
DeleteCriticalSection
GetModuleHandleA
FreeEnvironmentStringsW
GetCurrentThreadId
QueryPerformanceCounter
HeapAlloc
LoadLibraryA
GetTickCount
ExitProcess
WriteFile
ReadFileEx
RtlUnwind
InterlockedExchange
GetEnvironmentStringsW
OpenMutexW
FreeEnvironmentStringsA
GetModuleFileNameW
GetCurrentProcessId
TlsAlloc
GetStartupInfoW
HeapFree
IsBadWritePtr
UnhandledExceptionFilter
GetLastError
GetVersion
GetSystemTimeAsFileTime
EnterCriticalSection
TerminateProcess

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a315f88e5fc588eb85ebf98aacd4119d

Headers

File Characteristics

Imports

advapi32

user32

comdlg32

gdi32

kernel32

Sections

.text Size: 108KB - Virtual size: 108KB

.rdata Size: 3KB - Virtual size: 12KB

.data Size: 280KB - Virtual size: 280KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 3KB - Virtual size: 12KB

.data
Size: 280KB - Virtual size: 280KB

.rsrc
Size: 13KB - Virtual size: 12KB