a4952dbfb5b5168b5419df55ba6a86ca5109514f450fd0cdbbdcfa5b18ebd35c

Sharing

Copy URL Twitter E-mail

General

Target

a4952dbfb5b5168b5419df55ba6a86ca5109514f450fd0cdbbdcfa5b18ebd35c
Size

37KB
MD5

2b0f43317964d0d6d2f8d47ef39871f1
SHA1

1482c895248fe591c0bbb667c5d84f95d032c651
SHA256

a4952dbfb5b5168b5419df55ba6a86ca5109514f450fd0cdbbdcfa5b18ebd35c
SHA512

26211f70a04c42d4b34722d833faceaca057d85bbdf41599efb5007f63e1e4310b4db084a63f2df70731809b5eaeb1a002f05ebe133c3f2f770ec58d64d2df6f
SSDEEP

768:6MqM7M60v14+8mD2fr1uXPdD4Z6BsTrQmJUfKUV:6MqMQ60vkfBaFDufMxKU

Score

N/A

Malware Config

Signatures

Files

a4952dbfb5b5168b5419df55ba6a86ca5109514f450fd0cdbbdcfa5b18ebd35c
.exe windows x86

32585be1b87735050d267b28aad07b42

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeInformationA
GetDiskFreeSpaceExA
DeviceIoControl
CreateFileA
GetLogicalDriveStringsA
Sleep
GetCurrentProcessId
SystemTimeToTzSpecificLocalTime
GetSystemTime
SetFileAttributesA
GetFileAttributesA
SetFileTime
GetFileTime
GetSystemDirectoryA
GetWindowsDirectoryA
WaitForSingleObject
OpenProcess
GetLastError
FileTimeToSystemTime
FileTimeToLocalFileTime
ReadProcessMemory
GetCommandLineA
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
SetEvent
CreateEventA
FreeLibrary
ResetEvent
GetCurrentProcess
InitializeCriticalSection
CreateProcessA
EnterCriticalSection
LeaveCriticalSection
CreateIoCompletionPort
SetLastError
PostQueuedCompletionStatus
SetThreadPriority
GetThreadPriority
ReadDirectoryChangesW
GetQueuedCompletionStatus
GetCurrentThread
OutputDebugStringA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
VirtualAllocEx
WriteProcessMemory
SetThreadContext
ReleaseMutex
CloseHandle
ResumeThread
TerminateProcess
lstrcatA
CreateDirectoryA
MoveFileA
CopyFileA
DeleteFileA
FindFirstFileA
FindNextFileA
lstrcmpiA
FindClose
lstrcmpA
lstrcpynA
lstrlenA
DeleteCriticalSection
GetThreadContext
lstrcpyA
CreateMutexA

user32

GetWindowThreadProcessId
PostMessageA
RegisterClassExA
CreateWindowExA
GetMessageA
EnumWindows
DispatchMessageA
PostQuitMessage
DefWindowProcA
SetTimer
wsprintfA
IsWindow
DestroyWindow
RegisterClassA
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageA
PostThreadMessageA
MessageBeep

gdi32

GetStockObject

advapi32

CryptHashData
RegCloseKey
RegOpenKeyExA
RegCreateKeyA
RegDeleteKeyA
RegSetValueExA
GetUserNameA
RegQueryValueExA
RegOpenKeyA
CryptReleaseContext
CryptEncrypt
CryptDestroyHash
CryptDeriveKey
CryptCreateHash
CryptDestroyKey
CryptExportKey
CryptGetUserKey
CryptGenKey
CryptAcquireContextA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

shell32

StrCmpNIA
StrRChrA
StrStrIA
SHGetSpecialFolderPathA
SHFileOperationA

ole32

CoInitialize
CoCreateInstance

mfc42

ord858
ord561
ord356
ord537
ord941
ord924
ord5683
ord5710
ord1187
ord348
ord663
ord5860
ord2393
ord6142
ord1105
ord772
ord500
ord3701
ord2770
ord521
ord6307
ord803
ord543
ord3584
ord535
ord939
ord539
ord540
ord1575
ord860
ord825
ord823
ord668
ord1980
ord3337
ord3310
ord3319
ord3178
ord800
ord3181
ord4058
ord2781
ord815

msvcrt

mktime
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
_mbsicmp
_mbsrchr
_mbstok
_purecall
_beginthreadex
_except_handler3
_strdup
malloc
fwrite
fread
fclose
fgets
fscanf
rewind
fopen
fprintf
__CxxFrameHandler
_mbsstr
free
difftime
_ftol
time
_controlfp

msvcp60

??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

32585be1b87735050d267b28aad07b42

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

mfc42

msvcrt

msvcp60

Sections

.text Size: 36KB - Virtual size: 35KB

.text
Size: 36KB - Virtual size: 35KB